示例#1
0
class TestStatusLifeCycle(TestCase):
    fixtures = ['licences.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = get_or_create_default_officer()
        self.user = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.user)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()
        clear_all_id_files()

    def test_id_update(self):
        """
        Test that when an ID update is required and the users update their ID the customer and id status are correctly
         updated
        """
        application = create_and_lodge_application(self.user)
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        clear_mailbox()
        data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': IDRequest.REASON_CHOICES[0][0],
            'text': 'you to upload an ID.'
        }
        url = reverse('wl_applications:id_request')
        self.assertFalse(is_email())
        response = self.client.post(url, data)
        self.assertEqual(200, response.status_code)
        resp_data = json.loads(response.content.decode('utf8'))
        self.assertIn('id_check_status', resp_data)
        self.assertIn('processing_status', resp_data)
        application.refresh_from_db()
        self.assertEqual('id_required', application.customer_status)
        self.assertEqual('awaiting_update', application.id_check_status)
        self.assertEqual('awaiting_applicant_response',
                         application.processing_status)
        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationIDUpdateRequestedEmail.subject,
                         email.subject)

        # now user upload ID
        self.client.logout()
        self.assertIsNone(self.user.identification)
        self.client.login(self.user.email)
        self.assertTrue(is_client_authenticated(self.client))
        self.client.get(reverse('wl_main:identification'))
        upload_id(self.user)
        self.user.refresh_from_db()
        self.assertIsNotNone(self.user.identification)
        application.refresh_from_db()
        self.assertEqual('updated', application.id_check_status)
        self.assertEqual('under_review', application.customer_status)
        self.assertEqual('ready_for_action', application.processing_status)
示例#2
0
class TestStatusLifeCycle(TestCase):
    fixtures = ['licences.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = get_or_create_default_officer()
        self.user = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.user)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()
        clear_all_id_files()

    def test_id_update(self):
        """
        Test that when an ID update is required and the users update their ID the customer and id status are correctly
         updated
        """
        application = create_and_lodge_application(self.user)
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        clear_mailbox()
        data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': IDRequest.REASON_CHOICES[0][0],
            'text': 'you to upload an ID.'
        }
        url = reverse('wl_applications:id_request')
        self.assertFalse(is_email())
        response = self.client.post(url, data)
        self.assertEqual(200, response.status_code)
        resp_data = json.loads(response.content.decode('utf8'))
        self.assertIn('id_check_status', resp_data)
        self.assertIn('processing_status', resp_data)
        application.refresh_from_db()
        self.assertEqual('id_required', application.customer_status)
        self.assertEqual('awaiting_update', application.id_check_status)
        self.assertEqual('awaiting_applicant_response', application.processing_status)
        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationIDUpdateRequestedEmail.subject, email.subject)

        # now user upload ID
        self.client.logout()
        self.assertIsNone(self.user.identification)
        self.client.login(self.user.email)
        self.assertTrue(is_client_authenticated(self.client))
        self.client.get(reverse('wl_main:identification'))
        upload_id(self.user)
        self.user.refresh_from_db()
        self.assertIsNotNone(self.user.identification)
        application.refresh_from_db()
        self.assertEqual('updated', application.id_check_status)
        self.assertEqual('under_review', application.customer_status)
        self.assertEqual('ready_for_action', application.processing_status)
示例#3
0
def lodge_application(application):
    """
    :param application:
    """
    client = SocialClient()
    client.login(application.applicant.email)
    client.get(reverse('wl_applications:edit_application', args=[application.pk]))
    url = reverse_lazy('wl_applications:preview')
    client.post(url)
    application.refresh_from_db()
    client.logout()
    return application
示例#4
0
def lodge_application(application):
    """
    :param application:
    """
    client = SocialClient()
    client.login(application.applicant.email)
    client.get(
        reverse('wl_applications:edit_application', args=[application.pk]))
    url = reverse_lazy('wl_applications:preview')
    client.post(url)
    application.refresh_from_db()
    client.logout()
    return application
示例#5
0
class ViewApplicationTestCase(TestCase):
    fixtures = [
        'licences.json', 'countries.json', 'catalogue.json', 'partner.json'
    ]

    def setUp(self):
        self.customer = get_or_create_default_customer(
            include_default_profile=True)
        self.officer = get_or_create_default_officer()
        self.assessor = get_or_create_default_assessor()
        self.not_allowed_customer = create_random_customer()
        self.assertNotEqual(self.not_allowed_customer, self.customer)

        self.client = SocialClient()
        self.application = create_and_lodge_application(self.customer)

    def tearDown(self):
        self.client.logout()

    def test_view_application_pdf(self):
        """
        Testing that when a user requests the application as a pdf they are returned a response containing a pdf
        """
        self.client.login(self.officer.email)

        response = self.client.get(
            reverse('wl_applications:view_application_pdf',
                    args=(self.application.pk, )))

        self.assertEquals(response['content-type'], 'application/pdf')

    def test_view_application_pdf_permissions(self):
        """
        Testing that only officers, assessors and customer that owns the application can view the application pdf
        """
        url = reverse('wl_applications:view_application_pdf',
                      args=(self.application.pk, ))
        allowed = [self.officer, self.assessor, self.customer]
        forbidden = [self.not_allowed_customer]

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()
示例#6
0
def get_action_log(application):
    client = SocialClient()
    officer = get_or_create_default_officer()
    client.login(officer.email)
    url = reverse('wl_applications:action_list', args=[application.pk])
    resp = client.get(url)
    client.logout()
    return resp.json()['data']
示例#7
0
def get_action_log(application):
    client = SocialClient()
    officer = get_or_create_default_officer()
    client.login(officer.email)
    url = reverse('wl_applications:action_list', args=[application.pk])
    resp = client.get(url)
    client.logout()
    return resp.json()['data']
示例#8
0
class ApplicationEntryTestCase(TestCase):
    fixtures = ['licences.json', 'catalogue.json', 'partner.json']

    def setUp(self):
        helpers.create_default_country()
        self.customer = get_or_create_default_customer()

        self.client = SocialClient()

        self.licence_type = WildlifeLicenceType.objects.get(product_title='regulation-17')
        self.licence_type.identification_required = True
        self.licence_type.save()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_new_application(self):
        """
        Testing that a user can begin the process of creating an application
        """
        self.client.login(self.customer.email)

        original_application_count = Application.objects.count()

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_applications:new_application'), follow=True)

        self.assertRedirects(response, reverse('wl_applications:select_licence_type'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.assertEquals(Application.objects.count(), original_application_count + 1)

        application = Application.objects.get(pk=response.context['application'].id)

        self.assertEquals(application.application_type, 'new_licence')

        self.assertEqual(self.client.session['application_id'], application.id)

    def test_edit_application(self):
        """
        Testing that a user can edit an application that was either draft or requiring amendments
        """
        application = helpers.create_application(user=self.customer)
        application.customer_status = 'draft'
        application.save()
        application.refresh_from_db()

        self.client.login(self.customer.email)

        response = self.client.get(reverse('wl_applications:edit_application', args=(application.pk,)), follow=True)

        # check that client will be redirected to the enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'), status_code=302,
                             target_status_code=200)

        # check that the data contained in the context is the same as the application data
        self.assertEquals(application.data, response.context['application'].data)

        helpers.delete_application_session(self.client)

        # check that an application that's not in an editable state can't be edited
        application.customer_status = 'under_review'
        application.save()

        response = self.client.get(reverse('wl_applications:edit_application', args=(application.pk,)))

        self.assertEqual(response.status_code, 403)

    def test_renew_licence(self):
        """
        Testing that a user can renew a licence and restart the application process based on the previous
        licence's application data
        """
        application = helpers.create_and_lodge_application(user=self.customer)
        licence = helpers.issue_licence(application, licence_data = {
            'end_date': date.today() + relativedelta(days=30),
            'is_renewable': True
        })

        self.client.login(self.customer.email)

        response = self.client.get(reverse('wl_applications:renew_licence', args=(licence.pk,)), follow=True)

        # check that client will be redirected to the enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'), status_code=302,
                             target_status_code=200)

        self.assertNotEquals(application.id, response.context['application'].id)

        self.assertEquals(response.context['application'].application_type, 'renewal')

        # check that the data contained in the context is the same as the application data
        self.assertEquals(application.data, response.context['application'].data)

        helpers.delete_application_session(self.client)

        # check that a licence that isn't due to expire within 30 days is not cannot be renewed
        application = helpers.create_and_lodge_application(user=self.customer)
        licence = helpers.issue_licence(application, licence_data = {
            'end_date': date.today() + relativedelta(days=31),
            'is_renewable': True
        })

        response = self.client.get(reverse('wl_applications:renew_licence', args=(licence.pk,)), follow=True)

        self.assertEqual(response.status_code, 403)

        # check that a licence that isn't renewable cannot be renewed
        application = helpers.create_and_lodge_application(user=self.customer)
        licence = helpers.issue_licence(application, licence_data = {
            'end_date': date.today() + relativedelta(days=30),
            'is_renewable': False
        })

        response = self.client.get(reverse('wl_applications:renew_licence', args=(licence.pk,)), follow=True)

        self.assertEqual(response.status_code, 403)

    def test_amend_licence(self):
        """
        Testing that a user can amend a licence and restart the application process based on the previous
        licence's application data
        """
        application = helpers.create_and_lodge_application(user=self.customer)
        licence = helpers.issue_licence(application)

        self.client.login(self.customer.email)

        response = self.client.get(reverse('wl_applications:amend_licence', args=(licence.pk,)), follow=True)

        # check that client will be redirected to the enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'), status_code=302,
                             target_status_code=200)

        self.assertNotEquals(application.id, response.context['application'].id)

        self.assertEquals(response.context['application'].application_type, 'amendment')

        # check that the data contained in the context is the same as the application data
        self.assertEquals(application.data, response.context['application'].data)

    def test_select_licence_type(self):
        """
        Testing that a user can display the licence type selection list
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_applications:select_licence_type'))
        self.assertEqual(200, response.status_code)

        # check that client can select a licence type the licence type selection list
        response = self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        self.assertRedirects(response, reverse('wl_applications:check_identification'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

    def test_check_identification_required_no_current_id(self):
        """
        Testing that a user can display the identification required page in the case the user has no
        current identification, and upload an ID.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the identification required page
        response = self.client.get(reverse('wl_applications:check_identification'))
        self.assertEqual(200, response.status_code)

        with open(TEST_ID_PATH, 'rb') as fp:
            post_params = {
                'identification_file': fp
            }
            response = self.client.post(reverse('wl_applications:check_identification'),
                                        post_params, follow=True)

            self.assertRedirects(response, reverse('wl_applications:create_select_profile'),
                                 status_code=302, target_status_code=200, fetch_redirect_response=True)

            # update customer
            self.customer = EmailUser.objects.get(email=self.customer.email)

    def test_check_identification_required_current_id(self):
        """
        Testing that a user can display the identification required page in the case the user has a
        current identification.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))
        self.client.get(reverse('wl_applications:check_identification'))

        with open(TEST_ID_PATH, 'rb') as fp:
            self.customer.identification = Document.objects.create(name='test_id')
            self.customer.identification.file.save('test_id.jpg', File(fp), save=True)
            self.customer.save()

        # check that client is redirected to profile creation / selection page
        response = self.client.get(reverse('wl_applications:check_identification'), follow=True)
        self.assertRedirects(response, reverse('wl_applications:create_select_profile'),
                             status_code=302, target_status_code=200, fetch_redirect_response=True)

    def test_create_select_profile_create(self):
        """
        Testing that a user can display the create / select profile page and create a profile
        in the case the user has no profile
        """
        self.client.login(self.customer.email)

        original_profile_count = self.customer.profiles.count()

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the profile create/select page
        response = self.client.get(reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is not a profile selection form, meaning there is no profile
        self.assertFalse('profile_selection_form' in response.context)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001',
            'create': True
        }

        response = self.client.post(reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check that a new profile was created
        self.assertEqual(self.customer.profiles.count(), original_profile_count + 1)

        # check the created profile has been set in the application
        self.assertEquals(self.customer.profiles.first(), Application.objects.first().applicant_profile)

    def test_create_select_profile_select(self):
        """
        Testing that a user can display the create / select profile page and select a profile
        in the case the user has one or more existing profiles
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # create profiles
        address1 = Address.objects.create(user=self.customer, line1='1 Test Street', locality='Test Suburb',
                                          state='WA', postcode='0001')
        profile1 = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                          institution='Test Institution', postal_address=address1)

        address2 = Address.objects.create(user=self.customer, line1='2 Test Street', locality='Test Suburb',
                                          state='WA', postcode='0001')
        profile2 = Profile.objects.create(user=self.customer, name='Test Profile 2', email='*****@*****.**',
                                          institution='Test Institution', postal_address=address2)

        # check that client can access the profile create/select page
        response = self.client.get(reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is a profile selection form, meaning there at least one existing profile
        self.assertTrue('profile_selection_form' in response.context)

        post_params = {
            'profile': profile2.pk,
            'select': True
        }

        response = self.client.post(reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check the created profile has been set in the application
        self.assertEquals(profile2, Application.objects.first().applicant_profile)

    def test_enter_details_draft(self):
        """
        Testing that a user can enter the details of an application form and save as a draft
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'draft': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected to the dashboard
        self.assertRedirects(response, reverse('wl_dashboard:home'), status_code=302, target_status_code=200,
                             fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_enter_details_draft_continue(self):
        """
        Testing that a user can enter the details of an application form and save as a draft
        and continue editing
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'draft_continue': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected back to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_enter_details_preview(self):
        """
        Testing that a user can enter the details of an application form and that the data is
        saved in the session for previewing
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'lodge': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected to preview
        self.assertRedirects(response, reverse('wl_applications:preview'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_preview_lodge(self):
        """
        Testing that a user can preview the details of an application form then lodge the application
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()
        self.assertIsNotNone(application.applicant)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # FIXME: simulate full checkout process instead of skipping
        self.client.get(reverse('wl_applications:complete'))

        application.refresh_from_db()

        # check that the state of the application is new
        self.assertEqual(application.processing_status, 'new')

    def test_delete_application(self):
        """
        Testing that when a user leaves the application entry workflow unexpectedly, the temporary application
        and session application reference they were working with are deleted.
        """
        self.client.login(self.customer.email)

        response = self.client.get(reverse('wl_applications:new_application'), follow=True)

        self.assertRedirects(response, reverse('wl_applications:select_licence_type'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application_id = response.context['application'].id

        self.assertIn('application_id', self.client.session)

        self.assertEqual(application_id, self.client.session['application_id'])

        response = self.client.post(reverse('wl_applications:delete_application_session'), {
            'applicationId': application_id
        })

        self.assertEqual(response.status_code, 200)

        self.assertNotIn('application_id', self.client.session)

        self.assertFalse(Application.objects.filter(pk=application_id).exists())

        response = self.client.get(reverse('wl_applications:new_application'))

        self.assertRedirects(response, reverse('wl_applications:select_licence_type'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

    def test_multiple_application_entry_denied(self):
        """
        Testing the if a user is in the process of entering an application and attempts to start/edit/renew/amend
        another application, they are redirected back to home
        """
        entry_denied_message = ('There is currently another application in the process of being entered. Please ' +
                                'conclude or save this application before creating a new one. If you are seeing this ' +
                                'message and there is not another application being entered, you may need to '+ 
                                '<a href="{}">logout</a> and log in again.').format(reverse('accounts:logout'))

        self.client.login(self.customer.email)

        response = self.client.get(reverse('wl_applications:new_application'))

        self.assertRedirects(response, reverse('wl_applications:select_licence_type'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # attempt to start another new licence application
        response = self.client.get(reverse('wl_applications:new_application'), follow=True)

        self.assertRedirects(response, reverse('wl_dashboard:tables_customer'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.assertIn('messages', response.context)
        self.assertEquals(len(response.context['messages']), 1)
        self.assertEquals([str(m.message) for m in response.context['messages']][0], entry_denied_message)

        application = helpers.create_application(user=self.customer)

        # attempt to edit an application
        response = self.client.get(reverse('wl_applications:edit_application', args=(application.pk, )), follow=True)

        self.assertRedirects(response, reverse('wl_dashboard:tables_customer'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.assertIn('messages', response.context)
        self.assertEquals(len(response.context['messages']), 1)
        self.assertEquals([str(m.message) for m in response.context['messages']][0], entry_denied_message)

        application = helpers.create_and_lodge_application(user=self.customer)
        licence = helpers.issue_licence(application, licence_data = {
            'end_date': date.today() + relativedelta(days=30),
            'is_renewable': True
        })

        # attempt to renew a licence
        response = self.client.get(reverse('wl_applications:renew_licence', args=(licence.pk, )), follow=True)

        self.assertRedirects(response, reverse('wl_dashboard:tables_customer'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)


        self.assertIn('messages', response.context)
        self.assertEquals(len(response.context['messages']), 1)
        self.assertEquals([str(m.message) for m in response.context['messages']][0], entry_denied_message)

        response = self.client.get(reverse('wl_applications:amend_licence', args=(licence.pk, )), follow=True   )

        # attempt to amend a licence
        self.assertRedirects(response, reverse('wl_dashboard:tables_customer'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.assertIn('messages', response.context)
        self.assertEquals(len(response.context['messages']), 1)
        self.assertEquals([str(m.message) for m in response.context['messages']][0], entry_denied_message)
示例#9
0
class ApplicationEntrySecurity(TransactionTestCase):
    fixtures = ['licences.json']
    serialized_rollback = True

    def setUp(self):
        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()

    def test_user_access_other_user(self):
        """
        Test that a user cannot edit/view another user application
        """
        customer1 = create_random_customer()
        customer2 = create_random_customer()
        self.assertNotEqual(customer1, customer2)

        application1 = helpers.create_application(user=customer1)
        application2 = helpers.create_application(user=customer2)
        self.assertNotEqual(application1, application2)

        # login as user1
        self.client.login(customer1.email)
        my_url = reverse('wl_applications:edit_application', args=[application1.pk])
        response = self.client.get(my_url)
        self.assertEqual(302, response.status_code)

        forbidden_urls = [
            reverse('wl_applications:edit_application', args=[application2.pk]),
        ]

        for forbidden_url in forbidden_urls:
            response = self.client.get(forbidden_url, follow=True)
            self.assertEqual(403, response.status_code)

    def test_user_access_lodged(self):
        """
        Once the application if lodged the user should not be able to edit it
        """
        customer1 = create_random_customer()
        self.client.login(customer1)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(1,)))

        application = Application.objects.first()
        self.assertIsNotNone(application)
        self.assertIsNotNone(application.applicant)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # FIXME: simulate full checkout process instead of skipping
        self.client.get(reverse('wl_applications:complete'))

        application.refresh_from_db()

        # check that the state of the application is new/underreview
        self.assertEqual(application.processing_status, 'new')
        self.assertEqual('under_review', application.customer_status)

        response = self.client.get(reverse('wl_applications:edit_application', args=[application.pk]), follow=True)
        self.assertEqual(403, response.status_code)

    def test_user_not_logged_is_redirected_to_login(self):
        """
        A user not logged in should be redirected to the login page and not see a 403
        """
        customer1 = create_random_customer()
        self.client.login(customer1)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(1,)))

        application = Application.objects.first()
        self.assertIsNotNone(application)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # FIXME: simulate full checkout process instead of skipping
        self.client.get(reverse('wl_applications:complete'))

        application.refresh_from_db()

        # check that the state of the application is new/underreview
        self.assertEqual(application.processing_status, 'new')
        self.assertEqual('under_review', application.customer_status)

        # logout
        self.client.logout()

        response = self.client.get(reverse('wl_applications:edit_application', args=[application.pk]), follow=True)
        self.assertEqual(200, response.status_code)
        self.assertTrue(is_login_page(response))
示例#10
0
文件: tests.py 项目: wilsonc86/ledger
class AccountsTestCase(TestCase):
    def setUp(self):
        create_default_country()
        self.customer = get_or_create_default_customer()

        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_profile_list(self):
        """Testing that a user can display the profile list if they are a customer"""
        self.client.login(self.customer.email)

        # check that client can access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(200, response.status_code)

    def test_profile_list_non_customer(self):
        """Testing that a user cannot display the profile list if they are not a customer"""
        self.client.login(self.officer.email)

        # check that client gets redirected if they try to access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(403, response.status_code)

    def test_create_profile(self):
        """Testing that a user can create a profile"""
        self.client.login(self.customer.email)

        original_profile_count = Profile.objects.filter(user=self.customer).count()

        # check that client can access the create profile page
        response = self.client.get(reverse('wl_main:create_profile'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }

        response = self.client.post(reverse('wl_main:create_profile'), post_params)
        self.assertEqual(302, response.status_code)

        # check that a new profile has been created
        self.assertEquals(Profile.objects.filter(user=self.customer).count(), original_profile_count + 1)

    def test_edit_profile(self):
        """Testing that a user can edit an existing profile"""
        self.client.login(self.customer.email)

        # check no profile
        self.assertEquals(0, Profile.objects.filter(user=self.customer).count())
        # create original profile
        # address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        # profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
        #                                  institution='Test Institution', postal_address=address)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }
        response = self.client.post(reverse('wl_main:create_profile'), post_params)
        self.assertEqual(302, response.status_code)

        # check that one profile has been created
        self.assertEquals(1, Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()
        # check that client can access the edit profile page
        response = self.client.get(reverse('wl_main:edit_profile', args=(profile.pk,)))
        self.assertEqual(200, response.status_code)

        # updated profile
        post_params['name'] = 'Updated Profile'
        post_params['line1'] = 'New Line 1'
        response = self.client.post(reverse('wl_main:edit_profile', args=(profile.pk,)), post_params)
        self.assertEqual(302, response.status_code)

        # get updated profile
        self.assertEquals(1, Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()

        # check that the profile has been edited
        self.assertEquals(profile.name, 'Updated Profile')
        self.assertEquals(profile.postal_address.line1, 'New Line 1')

    def test_manage_id(self):
        """Testing that a user can access the manage identification page"""
        self.client.login(self.customer.email)

        # check that client can access the manage identification page
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)

    def test_upload_id(self):
        """Testing that a user can upload an ID image"""
        self.client.login(self.customer.email)
        self.assertIsNone(self.customer.identification)
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)
        response = upload_id(self.customer)
        self.assertEqual(200, response.status_code)

        # update customer
        self.customer.refresh_from_db()

        self.assertIsNotNone(self.customer.identification)
示例#11
0
class ReturnsTestCase(TestCase):
    fixtures = ['licences.json', 'countries.json', 'catalogue.json', 'partner.json', 'returns.json']

    def setUp(self):
        self.customer = get_or_create_default_customer(include_default_profile=True)
        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

        self.licence = create_licence(self.customer, self.officer, product_title='regulation-17')
        self.ret = create_return(self.licence)

    def tearDown(self):
        self.client.logout()

    def test_returns_lodgement_page(self):
        """Testing that a user can access the returns lodgement page"""

        self.client.login(self.customer.email)

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_returns:enter_return', args=(self.ret.pk,)))
        self.assertEqual(200, response.status_code)

    def test_lodge_nil_return(self):
        """Testing that a user can log a nil return"""

        self.client.login(self.customer.email)

        post_params = {
            'nil': True,
            'comments': 'No survey taken'
        }
        response = self.client.post(reverse('wl_returns:enter_return', args=(self.ret.pk,)),
                                    post_params)

        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

    def test_upload_return_spreadsheet(self):
        """Testing that a user can upload a return spreadsheet"""

        self.client.login(self.customer.email)

        with open(TEST_SPREADSHEET_PATH, 'rb') as fp:
            post_params = {
                'upload': True,
                'spreadsheet_file': fp
            }
            response = self.client.post(reverse('wl_returns:enter_return', args=(self.ret.pk,)),
                                        post_params)

        self.assertEqual(200, response.status_code)

        # assert values in the response context match those in the spreadsheet
        for key, value in response.context['tables'][0]['data'][0].items():
            self.assertEqual(value['value'], TEST_VALUES[key])

    def test_lodge_return(self):
        """Testing that a user can lodge a return"""
        self.client.login(self.customer.email)

        # check return status is intially 'current'
        self.assertEqual(self.ret.status, 'current')

        post_params = {
            'lodge': True,
        }

        for key, value in TEST_VALUES.items():
            post_params['regulation-17::{}'.format(key)] = value

        response = self.client.post(reverse('wl_returns:enter_return', args=(self.ret.pk,)), post_params)

        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.ret.refresh_from_db()

        # check return status is 'submitted'
        self.assertEqual(self.ret.status, 'submitted')

        # assert values in the return is what is expected
        for key, value in self.ret.returntable_set.first().returnrow_set.first().data.items():
            self.assertEqual(value, str(TEST_VALUES[key]))
示例#12
0
class TestPermissions(TestCase):
    fixtures = ['licences.json', 'countries.json', 'catalogue.json', 'partner.json', 'returns.json']

    def setUp(self):
        self.customer = get_or_create_default_customer(include_default_profile=True)
        self.officer = get_or_create_default_officer()
        self.assessor = get_or_create_default_assessor()
        self.not_allowed_customer = create_random_customer()
        self.assertNotEqual(self.not_allowed_customer, self.customer)

        self.client = SocialClient()
        self.licence = create_licence(self.customer, self.officer, product_title='regulation-17')
        self.ret = create_return(self.licence)

    def test_returns_lodgement_page(self):
        """
        Only officer or application owner can view returns
        """
        url = reverse('wl_returns:enter_return', args=(self.ret.pk,))
        allowed = [self.officer, self.customer]
        forbidden = [self.not_allowed_customer, self.assessor]

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()

    def test_readonly_view(self):
        """
        Only officer or application owner can enter returns
        """
        url = reverse('wl_returns:view_return', args=(self.ret.pk,))
        allowed = [self.officer, self.customer]
        forbidden = [self.not_allowed_customer, self.assessor]

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()

    def test_curate_view(self):
        """
        Only officer can curate returns
        """
        url = reverse('wl_returns:curate_return', args=(self.ret.pk,))
        allowed = [self.officer]
        forbidden = [self.not_allowed_customer, self.assessor, self.customer]

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()

    def test_view_log(self):
        """
        Only officer can view log
        """
        url = reverse('wl_returns:log_list', args=(self.ret.pk,))
        allowed = [self.officer]
        forbidden = [self.not_allowed_customer, self.assessor, self.customer]

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()

    def test_add_log(self):
        """
        Only officer can view log
        """
        url = reverse('wl_returns:add_log_entry', args=(self.ret.pk,))
        allowed = [self.officer]
        forbidden = [self.not_allowed_customer, self.assessor, self.customer]

        payload = {
            'to': 'user',
            'from': 'test',
            'type': 'email'
        }
        for user in allowed:
            self.client.login(user.email)
            response = self.client.post(url, data=payload)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.post(url, data=payload)
            self.assertEqual(403, response.status_code)
            self.client.logout()

    def test_download_template(self):
        """
        Every authenticated user should be able to download a return template
        """
        return_type = self.ret.return_type
        url = reverse('wl_returns:download_return_template', args=(return_type.pk,))
        allowed = [self.officer, self.not_allowed_customer, self.assessor, self.customer]
        forbidden = []

        for user in allowed:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(200, response.status_code)
            self.client.logout()

        for user in forbidden:
            self.client.login(user.email)
            response = self.client.get(url)
            self.assertEqual(403, response.status_code)
            self.client.logout()
示例#13
0
class AccountsTestCase(TestCase):
    def setUp(self):
        self.customer = get_or_create_default_customer()

        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_profile_list(self):
        """Testing that a user can display the profile list if they are a customer"""
        self.client.login(self.customer.email)

        # check that client can access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(200, response.status_code)

    def test_profile_list_non_customer(self):
        """Testing that a user cannot display the profile list if they are not a customer"""
        self.client.login(self.officer.email)

        # check that client gets redirected if they try to access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(302, response.status_code)

    def test_create_profile(self):
        """Testing that a user can create a profile"""
        self.client.login(self.customer.email)

        original_profile_count = Profile.objects.filter(user=self.customer).count()

        # check that client can access the create profile page
        response = self.client.get(reverse('wl_main:create_profile'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }

        response = self.client.post(reverse('wl_main:create_profile'), post_params)
        self.assertEqual(302, response.status_code)

        # check that a new profile has been created
        self.assertEquals(Profile.objects.filter(user=self.customer).count(), original_profile_count + 1)

    def test_edit_profile(self):
        """Testing that a user can edit an existing profile"""
        self.client.login(self.customer.email)

        # create original profile
        address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                         institution='Test Institution', postal_address=address)

        # check that client can access the edit profile page
        response = self.client.get(reverse('wl_main:edit_profile', args=(profile.pk,)))
        self.assertEqual(200, response.status_code)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile 2',
            'email': profile.email,
            'institution': profile.institution,
            'line1': '2 Test Street',
            'locality': address.locality,
            'state': address.state,
            'country': 'AU',
            'postcode': address.postcode
        }

        response = self.client.post(reverse('wl_main:edit_profile', args=(profile.pk,)), post_params)
        self.assertEqual(302, response.status_code)

        # get updated profile
        profile = Profile.objects.get(pk=profile.pk)

        # check that the profile has been edited
        self.assertEquals(profile.name, 'Test Profile 2')
        self.assertEquals(profile.postal_address.line1, '2 Test Street')

    def test_manage_id(self):
        """Testing that a user can access the manage identification page"""
        self.client.login(self.customer.email)

        # check that client can access the manage identification page
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)

    def test_upload_id(self):
        """Testing that a user can upload an ID image"""
        self.client.login(self.customer.email)
        self.assertIsNone(self.customer.identification)
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)

        with open(TEST_ID_PATH, 'rb') as fp:
            post_params = {
                'identification_file': fp
            }
            self.client.login(self.customer.email)
            response = self.client.post(reverse('wl_main:identification'), post_params, follow=True)
            self.assertEqual(200, response.status_code)

            # update customer
            self.customer = EmailUser.objects.get(email=self.customer.email)

            self.assertIsNotNone(self.customer.identification)

            # assert image url is the customer ID's url path
            self.assertEqual(response.context['existing_id_image_url'], self.customer.identification.file.url)
示例#14
0
class ApplicationEntryTestCase(TestCase):
    fixtures = ['licences.json', 'catalogue.json', 'partner.json']

    def setUp(self):
        self.customer = get_or_create_default_customer()

        self.client = SocialClient()

        self.licence_type = WildlifeLicenceType.objects.get(
            product_code='regulation-17')
        self.licence_type.identification_required = True
        self.licence_type.save()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_new_application(self):
        """Testing that a user begin the process of creating an application"""
        self.client.login(self.customer.email)

        original_application_count = Application.objects.count()

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_applications:new_application'))

        self.assertRedirects(response,
                             reverse('wl_applications:select_licence_type'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        self.assertEquals(Application.objects.count(),
                          original_application_count + 1)

        self.assertEqual(self.client.session['application_id'],
                         Application.objects.first().id)

    def test_select_licence_type(self):
        """Testing that a user can display the licence type selection list"""
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))

        # check that client can access the licence type selection list
        response = self.client.get(
            reverse('wl_applications:select_licence_type'))
        self.assertEqual(200, response.status_code)

        # check that client can select a licence type the licence type selection list
        response = self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        self.assertRedirects(response,
                             reverse('wl_applications:check_identification'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

    def test_check_identification_required_no_current_id(self):
        """Testing that a user can display the identification required page in the case the user has no
        current identification, and upload an ID.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        # check that client can access the identification required page
        response = self.client.get(
            reverse('wl_applications:check_identification'))
        self.assertEqual(200, response.status_code)

        with open(TEST_ID_PATH, 'rb') as fp:
            post_params = {'identification_file': fp}
            response = self.client.post(
                reverse('wl_applications:check_identification'),
                post_params,
                follow=True)

            self.assertRedirects(
                response,
                reverse('wl_applications:create_select_profile'),
                status_code=302,
                target_status_code=200,
                fetch_redirect_response=True)

            # update customer
            self.customer = EmailUser.objects.get(email=self.customer.email)

    def test_check_identification_required_current_id(self):
        """Testing that a user can display the identification required page in the case the user has a
        current identification.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))
        self.client.get(reverse('wl_applications:check_identification'))

        with open(TEST_ID_PATH, 'rb') as fp:
            self.customer.identification = Document.objects.create(
                name='test_id')
            self.customer.identification.file.save('test_id.jpg',
                                                   File(fp),
                                                   save=True)
            self.customer.save()

        # check that client is redirected to profile creation / selection page
        response = self.client.get(
            reverse('wl_applications:check_identification'), follow=True)
        self.assertRedirects(response,
                             reverse('wl_applications:create_select_profile'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=True)

    def test_create_select_profile_create(self):
        """Testing that a user can display the create / select profile page and create a profile
        in the case the user has no profile
        """
        self.client.login(self.customer.email)

        original_profile_count = self.customer.profiles.count()

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        # check that client can access the profile create/select page
        response = self.client.get(
            reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is not a profile selection form, meaning there is no profile
        self.assertFalse('profile_selection_form' in response.context)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001',
            'create': True
        }

        response = self.client.post(
            reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response,
                             reverse('wl_applications:enter_details'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        # check that a new profile was created
        self.assertEqual(self.customer.profiles.count(),
                         original_profile_count + 1)

        # check the created profile has been set in the application
        self.assertEquals(self.customer.profiles.first(),
                          Application.objects.first().applicant_profile)

    def test_create_select_profile_select(self):
        """Testing that a user can display the create / select profile page and select a profile
        in the case the user has one or more existing profiles
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        # create profiles
        address1 = Address.objects.create(user=self.customer,
                                          line1='1 Test Street',
                                          locality='Test Suburb',
                                          state='WA',
                                          postcode='0001')
        profile1 = Profile.objects.create(user=self.customer,
                                          name='Test Profile',
                                          email='*****@*****.**',
                                          institution='Test Institution',
                                          postal_address=address1)

        address2 = Address.objects.create(user=self.customer,
                                          line1='2 Test Street',
                                          locality='Test Suburb',
                                          state='WA',
                                          postcode='0001')
        profile2 = Profile.objects.create(user=self.customer,
                                          name='Test Profile 2',
                                          email='*****@*****.**',
                                          institution='Test Institution',
                                          postal_address=address2)

        # check that client can access the profile create/select page
        response = self.client.get(
            reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is a profile selection form, meaning there at least one existing profile
        self.assertTrue('profile_selection_form' in response.context)

        post_params = {'profile': profile2.pk, 'select': True}

        response = self.client.post(
            reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response,
                             reverse('wl_applications:enter_details'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        # check the created profile has been set in the application
        self.assertEquals(profile2,
                          Application.objects.first().applicant_profile)

    def test_enter_details_draft(self):
        """Testing that a user can enter the details of an application form and save as a draft
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {'project_title-0-0': 'Test Title', 'draft': True}

        response = self.client.post(reverse('wl_applications:enter_details'),
                                    post_params)

        # check that client is redirected to the dashboard
        self.assertRedirects(response,
                             reverse('wl_dashboard:home'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(
            application.data[0]['project_details'][0]['project_title'],
            'Test Title')

    def test_enter_details_draft_continue(self):
        """Testing that a user can enter the details of an application form and save as a draft
        and continue editing"""
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'draft_continue': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'),
                                    post_params)

        # check that client is redirected back to enter details page
        self.assertRedirects(response,
                             reverse('wl_applications:enter_details'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(
            application.data[0]['project_details'][0]['project_title'],
            'Test Title')

    def test_enter_details_preview(self):
        """Testing that a user can enter the details of an application form and that the data is
        saved in the session for previewing
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {'project_title-0-0': 'Test Title', 'lodge': True}

        response = self.client.post(reverse('wl_applications:enter_details'),
                                    post_params)

        # check that client is redirected to preview
        self.assertRedirects(response,
                             reverse('wl_applications:preview'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that the state of the application is draft
        self.assertEqual(
            application.data[0]['project_details'][0]['project_title'],
            'Test Title')

    def test_preview_lodge(self):
        """Testing that a user can preview the details of an application form then lodge the application
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(
            reverse('wl_applications:select_licence_type',
                    args=(self.licence_type.pk, )))

        application = Application.objects.first()
        self.assertIsNotNone(application.applicant)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'),
                                    follow=True)

        # check that client is redirected to complete
        self.assertRedirects(response,
                             reverse('wl_applications:complete'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is new
        self.assertEqual(application.processing_status, 'new')
示例#15
0
class ApplicationEntryTestCase(TestCase):
    fixtures = ['licences.json', 'catalogue.json', 'partner.json']

    def setUp(self):
        helpers.create_default_country()
        self.customer = get_or_create_default_customer()

        self.client = SocialClient()

        self.licence_type = WildlifeLicenceType.objects.get(product_title='regulation-17')
        self.licence_type.identification_required = True
        self.licence_type.save()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_new_application(self):
        """Testing that a user begin the process of creating an application"""
        self.client.login(self.customer.email)

        original_application_count = Application.objects.count()

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_applications:new_application'))

        self.assertRedirects(response, reverse('wl_applications:select_licence_type'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        self.assertEquals(Application.objects.count(), original_application_count + 1)

        self.assertEqual(self.client.session['application_id'], Application.objects.first().id)

    def test_select_licence_type(self):
        """Testing that a user can display the licence type selection list"""
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))

        # check that client can access the licence type selection list
        response = self.client.get(reverse('wl_applications:select_licence_type'))
        self.assertEqual(200, response.status_code)

        # check that client can select a licence type the licence type selection list
        response = self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        self.assertRedirects(response, reverse('wl_applications:check_identification'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

    def test_check_identification_required_no_current_id(self):
        """Testing that a user can display the identification required page in the case the user has no
        current identification, and upload an ID.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the identification required page
        response = self.client.get(reverse('wl_applications:check_identification'))
        self.assertEqual(200, response.status_code)

        with open(TEST_ID_PATH, 'rb') as fp:
            post_params = {
                'identification_file': fp
            }
            response = self.client.post(reverse('wl_applications:check_identification'),
                                        post_params, follow=True)

            self.assertRedirects(response, reverse('wl_applications:create_select_profile'),
                                 status_code=302, target_status_code=200, fetch_redirect_response=True)

            # update customer
            self.customer = EmailUser.objects.get(email=self.customer.email)

    def test_check_identification_required_current_id(self):
        """Testing that a user can display the identification required page in the case the user has a
        current identification.
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))
        self.client.get(reverse('wl_applications:check_identification'))

        with open(TEST_ID_PATH, 'rb') as fp:
            self.customer.identification = Document.objects.create(name='test_id')
            self.customer.identification.file.save('test_id.jpg', File(fp), save=True)
            self.customer.save()

        # check that client is redirected to profile creation / selection page
        response = self.client.get(reverse('wl_applications:check_identification'), follow=True)
        self.assertRedirects(response, reverse('wl_applications:create_select_profile'),
                             status_code=302, target_status_code=200, fetch_redirect_response=True)

    def test_create_select_profile_create(self):
        """Testing that a user can display the create / select profile page and create a profile
        in the case the user has no profile
        """
        self.client.login(self.customer.email)

        original_profile_count = self.customer.profiles.count()

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the profile create/select page
        response = self.client.get(reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is not a profile selection form, meaning there is no profile
        self.assertFalse('profile_selection_form' in response.context)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001',
            'create': True
        }

        response = self.client.post(reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check that a new profile was created
        self.assertEqual(self.customer.profiles.count(), original_profile_count + 1)

        # check the created profile has been set in the application
        self.assertEquals(self.customer.profiles.first(), Application.objects.first().applicant_profile)

    def test_create_select_profile_select(self):
        """Testing that a user can display the create / select profile page and select a profile
        in the case the user has one or more existing profiles
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # create profiles
        address1 = Address.objects.create(user=self.customer, line1='1 Test Street', locality='Test Suburb', 
                                          state='WA', postcode='0001')
        profile1 = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                          institution='Test Institution', postal_address=address1)

        address2 = Address.objects.create(user=self.customer, line1='2 Test Street', locality='Test Suburb', 
                                          state='WA', postcode='0001')
        profile2 = Profile.objects.create(user=self.customer, name='Test Profile 2', email='*****@*****.**',
                                          institution='Test Institution', postal_address=address2)

        # check that client can access the profile create/select page
        response = self.client.get(reverse('wl_applications:create_select_profile'))
        self.assertEqual(200, response.status_code)

        # check there is a profile selection form, meaning there at least one existing profile
        self.assertTrue('profile_selection_form' in response.context)

        post_params = {
            'profile': profile2.pk,
            'select': True
        }

        response = self.client.post(reverse('wl_applications:create_select_profile'), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check the created profile has been set in the application
        self.assertEquals(profile2, Application.objects.first().applicant_profile)

    def test_enter_details_draft(self):
        """Testing that a user can enter the details of an application form and save as a draft
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'draft': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected to the dashboard
        self.assertRedirects(response, reverse('wl_dashboard:home'), status_code=302, target_status_code=200,
                             fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_enter_details_draft_continue(self):
        """Testing that a user can enter the details of an application form and save as a draft
        and continue editing"""
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'draft_continue': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected back to enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is draft
        self.assertEqual(application.processing_status, 'draft')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_enter_details_preview(self):
        """Testing that a user can enter the details of an application form and that the data is
        saved in the session for previewing
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        # check that client can access the enter details page
        response = self.client.get(reverse('wl_applications:enter_details'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title-0-0': 'Test Title',
            'lodge': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected to preview
        self.assertRedirects(response, reverse('wl_applications:preview'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application = Application.objects.first()

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        # check that the state of the application is draft
        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'Test Title')

    def test_preview_lodge(self):
        """Testing that a user can preview the details of an application form then lodge the application
        """
        self.client.login(self.customer.email)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(self.licence_type.pk,)))

        application = Application.objects.first()
        self.assertIsNotNone(application.applicant)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is new
        self.assertEqual(application.processing_status, 'new')
示例#16
0
class ApplicationEntrySecurity(TestCase):
    def setUp(self):
        self.client = SocialClient()

    def test_user_access_other_user(self):
        """
        Test that a user cannot edit/view another user application
        """
        customer1 = create_random_customer()
        customer2 = create_random_customer()
        self.assertNotEqual(customer1, customer2)
        application1 = helpers.create_application(user=customer1)
        application2 = helpers.create_application(user=customer2)
        self.assertNotEqual(application1, application2)

        # login as user1
        self.client.login(customer1.email)
        my_url = reverse('applications:enter_details_existing_application',
                         args=[application1.licence_type.code, application1.pk])
        response = self.client.get(my_url)
        self.assertEqual(200, response.status_code)

        forbidden_urls = [
            reverse('applications:edit_application', args=[application2.licence_type.code, application2.pk]),
            reverse('applications:enter_details_existing_application',
                    args=[application2.licence_type.code, application2.pk]),
            reverse('applications:preview', args=[application2.licence_type.code, application2.pk])
        ]

        for forbidden_url in forbidden_urls:
            response = self.client.get(forbidden_url, follow=True)
            self.assertEqual(403, response.status_code)

    def test_user_access_lodged(self):
        """
        Once the application if lodged the user should not be able to edit it
        """
        customer1 = create_random_customer()
        # login as user1
        self.client.login(customer1.email)

        application = helpers.create_application(user=customer1)
        self.assertEqual('draft', application.customer_status)
        my_urls = [
            reverse('applications:edit_application', args=[application.licence_type.code, application.pk]),
            reverse('applications:enter_details_existing_application',
                    args=[application.licence_type.code, application.pk]),
            reverse('applications:preview', args=[application.licence_type.code, application.pk])
        ]
        for url in my_urls:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code,
                             msg="Wrong status code {1} for {0}".format(url, response.status_code))

        # lodge the application
        url = reverse('applications:preview', args=[application.licence_type.code, application.pk])
        session = self.client.session
        session['application'] = {
            'profile': application.applicant_profile.pk,
            'data': {
                'project_title': 'Test'
            }
        }
        session.save()
        self.client.post(url)
        application.refresh_from_db()
        self.assertEqual('under_review', application.customer_status)
        for url in my_urls:
            response = self.client.get(url, follow=True)
            self.assertEqual(403, response.status_code)

    def test_user_not_logged_is_redirected_to_login(self):
        """
        A user not logged in should be redirected to the login page and not see a 403
        """
        customer1 = create_random_customer()
        application = helpers.create_application(user=customer1)
        self.assertEqual('draft', application.customer_status)
        my_urls = [
            reverse('applications:edit_application', args=[application.licence_type.code, application.pk]),
            reverse('applications:enter_details_existing_application',
                    args=[application.licence_type.code, application.pk]),
            reverse('applications:preview', args=[application.licence_type.code, application.pk])
        ]
        for url in my_urls:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code,
                             msg="Wrong status code {1} for {0}".format(url, response.status_code))
            self.assertTrue(is_login_page(response))

        # lodge the application
        self.client.login(customer1.email)
        url = reverse('applications:preview', args=[application.licence_type.code, application.pk])
        session = self.client.session
        session['application'] = {
            'profile': application.applicant_profile.pk,
            'data': {
                'project_title': 'Test'
            }
        }
        session.save()
        self.client.post(url)
        application.refresh_from_db()
        self.assertEqual('under_review', application.customer_status)
        # logout
        self.client.logout()
        for url in my_urls:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)
            self.assertTrue(is_login_page(response))
示例#17
0
class TestApplicationDiscardView(TestCase):
    """
    Rules of discard:
    If draft not submitted -> delete the app
    otherwise -> flag as discarded
    @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2833&project_id=24

    External person must be able to discard application pushed back .
    @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2743&project_id=24
    """
    fixtures = ['licences.json', 'catalogue.json', 'partner.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = helpers.get_or_create_default_officer()
        self.applicant = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.applicant)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()

    def test_cannot_discard(self):
        """
        Test that an application cannot be discarded if it hasn't been pushed back to the applicant.
        Formally its processing status must be in the list of Application.CUSTOMER_DISCARDABLE_STATE
        :return:
        """
        # lodge application
        application = helpers.create_and_lodge_application(self.applicant)
        self.assertFalse(application.is_discardable)

        # try to discard with get or post
        previous_processing_status = application.processing_status
        previous_customer_status = application.customer_status
        url = reverse('wl_applications:discard_application', args=[application.pk])
        self.client.login(self.applicant.email)
        self.assertTrue(is_client_authenticated(self.client))
        resp = self.client.get(url, follow=True)
        application.refresh_from_db()
        # status should be unchanged
        self.assertNotEqual(application.processing_status, 'discarded')
        self.assertNotEqual(application.customer_status, 'discarded')
        self.assertEqual(application.processing_status, previous_processing_status)
        self.assertEqual(application.customer_status, previous_customer_status)
        # the response should have an error message
        self.assertTrue(has_response_error_messages(resp))

        # same with post method
        resp = self.client.post(url, follow=True)
        application.refresh_from_db()
        # status should be unchanged
        self.assertNotEqual(application.processing_status, 'discarded')
        self.assertNotEqual(application.customer_status, 'discarded')
        self.assertEqual(application.processing_status, previous_processing_status)
        self.assertEqual(application.customer_status, previous_customer_status)
        # the response should have an error message
        self.assertTrue(has_response_error_messages(resp))

    def test_pushed_back_application_discarded_not_deleted(self):
        # lodge application
        application = helpers.create_and_lodge_application(self.applicant)
        self.assertFalse(application.is_discardable)
        # officer request amendment
        url = reverse('wl_applications:amendment_request')
        self.client.login(self.officer.email)
        resp = self.client.post(url, data={
            'application': application.pk,
            'officer': self.officer.pk,
            'reason': 'missing_information'
        })
        self.assertEquals(resp.status_code, 200)
        application.refresh_from_db()
        # application should now be discardable
        self.assertTrue(application.is_discardable)
        # but not deletable
        self.assertFalse(application.is_deletable)

        # discard
        self.client.logout()
        clear_mailbox()
        self.client.login(self.applicant.email)
        self.assertTrue(is_client_authenticated(self.client))
        url = reverse('wl_applications:discard_application', args=[application.pk])
        # the get should not discard but return a confirm page
        previous_processing_status = application.processing_status
        previous_customer_status = application.customer_status
        resp = self.client.get(url)
        self.assertEquals(resp.status_code, 200)
        # test that there's a cancel_url in the context of the response and an action_url that is set to the proper url
        self.assertTrue('cancel_url' in resp.context)
        self.assertEqual(resp.context['cancel_url'], reverse('wl_dashboard:home'))
        self.assertTrue('action_url' in resp.context)
        self.assertEquals(resp.context['action_url'], url)
        application.refresh_from_db()
        # status should be unchanged
        self.assertNotEqual(application.processing_status, 'discarded')
        self.assertNotEqual(application.customer_status, 'discarded')
        self.assertEqual(application.processing_status, previous_processing_status)
        self.assertEqual(application.customer_status, previous_customer_status)

        # actual discard
        resp = self.client.post(url, data=None, follow=True)
        self.assertEquals(resp.status_code, 200)
        application.refresh_from_db()
        self.assertEqual(application.processing_status, 'discarded')
        self.assertEqual(application.customer_status, 'discarded')
        # there should be a message
        self.assertTrue(has_response_messages(resp))
        self.assertFalse(has_response_error_messages(resp))

    def test_not_submitted_draft_are_deleted(self):
        """
        This is the happy path and the only use case where the application can be deleted.
        User create application, save as draft and delete it
        """
        self.client.login(self.applicant.email)
        application = helpers.create_application(self.applicant)
        self.assertEquals(application.customer_status, 'temp')
        self.assertFalse(application.is_discardable)

        # save application as a draft
        helpers.set_application_session(self.client, application)
        pk = self.client.session['application_id']
        self.assertEqual(application.pk, pk)
        url = reverse('wl_applications:enter_details')
        data = {
            'draft': 'draft'
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEqual(resp.status_code, 200)
        application.refresh_from_db()
        self.assertEquals(application.customer_status, 'draft')

        # application should now be discardable
        self.assertTrue(application.is_discardable)
        # and deletable
        self.assertTrue(application.is_deletable)

        # discard
        url = reverse('wl_applications:discard_application', args=[application.pk])
        # the get should not delete but return a confirm page
        previous_processing_status = application.processing_status
        previous_customer_status = application.customer_status
        resp = self.client.get(url, follow=True)
        self.assertEquals(resp.status_code, 200)
        # test that there's a cancel_url in the context of the response and an action_url that is set to the proper url
        self.assertTrue('cancel_url' in resp.context)
        self.assertEqual(resp.context['cancel_url'], reverse('wl_dashboard:home'))
        self.assertTrue('action_url' in resp.context)
        self.assertEquals(resp.context['action_url'], url)
        # Application should not be deleted
        application = Application.objects.filter(pk=application.pk).first()
        self.assertIsNotNone(application)
        # status should be unchanged
        self.assertEqual(application.processing_status, previous_processing_status)
        self.assertEqual(application.customer_status, previous_customer_status)

        # actual discard
        resp = self.client.post(url, data=None, follow=True)
        self.assertEquals(resp.status_code, 200)
        # Application should now be deleted
        application = Application.objects.filter(pk=application.pk).first()
        self.assertIsNone(application)

    def test_submitted_draft_cannot_be_deleted(self):
        """
        Use case:
        Applicant lodge an application.
        Officer send it back to him with amendments requested
        Applicant reopen it and save it as a draft
        At this stage the user should not be able to delete it because it has already been lodged
        """
        # lodge application
        application = helpers.create_and_lodge_application(self.applicant)
        # application should not be discardable
        self.assertFalse(application.is_discardable)
        # and not deletable
        self.assertFalse(application.is_deletable)

        # officer request amendment
        url = reverse('wl_applications:amendment_request')
        self.client.login(self.officer.email)
        resp = self.client.post(url, data={
            'application': application.pk,
            'officer': self.officer.pk,
            'reason': 'missing_information'
        })
        self.assertEquals(resp.status_code, 200)
        application.refresh_from_db()
        self.client.logout()

        self.client.login(self.applicant.email)
        url = reverse('wl_applications:edit_application', args=[application.pk])
        self.client.get(url, follow=True)
        # save as draft
        data = {
            'draft': 'draft',
            'data': application.data
        }
        url = reverse('wl_applications:enter_details')
        resp = self.client.post(url, data, follow=True)
        self.assertEqual(resp.status_code, 200)
        application.refresh_from_db()
        self.assertEqual(application.customer_status, 'draft')
        # application should now be discardable
        self.assertTrue(application.is_discardable)
        # and not deletable
        self.assertFalse(application.is_deletable)

        # actual discard
        url = reverse('wl_applications:discard_application', args=[application.pk])
        resp = self.client.post(url, follow=True)
        # application should not be deleted
        application = Application.objects.filter(pk=application.pk).first()
        self.assertIsNotNone(application)
        # but in a discarded state
        self.assertEqual(application.processing_status, 'discarded')
        self.assertEqual(application.customer_status, 'discarded')
        # there should be a message
        self.assertTrue(has_response_messages(resp))
        self.assertFalse(has_response_error_messages(resp))
示例#18
0
class TestStatusLifeCycle(TestCase):
    fixtures = ['licences.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = get_or_create_default_officer()
        self.user = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.user)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()
        clear_all_id_files()

    def test_id_update(self):
        """
        Test that when an ID update is required and the users update their ID the customer and id status are correctly
         updated
        """
        application = create_and_lodge_application(self.user)
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        clear_mailbox()
        data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': IDRequest.REASON_CHOICES[0][0],
            'text': 'you to upload an ID.'
        }
        url = reverse('wl_applications:id_request')
        self.assertFalse(is_email())
        response = self.client.post(url, data)
        self.assertEqual(200, response.status_code)
        resp_data = json.loads(response.content.decode('utf8'))
        self.assertIn('id_check_status', resp_data)
        self.assertIn('processing_status', resp_data)
        application.refresh_from_db()
        self.assertEqual('id_required', application.customer_status)
        self.assertEqual('awaiting_update', application.id_check_status)
        self.assertEqual('awaiting_applicant_response',
                         application.processing_status)
        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationIDUpdateRequestedEmail.subject,
                         email.subject)

        # now user upload ID
        self.client.logout()
        self.assertIsNone(self.user.identification)
        self.client.login(self.user.email)
        self.assertTrue(is_client_authenticated(self.client))
        self.client.get(reverse('wl_main:identification'))
        upload_id(self.user)
        self.user.refresh_from_db()
        self.assertIsNotNone(self.user.identification)
        application.refresh_from_db()
        self.assertEqual('updated', application.id_check_status)
        self.assertEqual('under_review', application.customer_status)
        self.assertEqual('ready_for_action', application.processing_status)

    def test_issued_status_after_entering_condition(self):
        """
        Test that if an application has been issued, entering condition leave the status as issued
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2736&project_id=24
        """
        application = create_and_lodge_application(self.user)
        # set some conditions
        url = reverse('wl_applications:enter_conditions',
                      args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {'conditionID': [condition.pk]}
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'ready_to_issue')

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        # now repost conditions
        url = reverse('wl_applications:enter_conditions',
                      args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {'conditionID': [condition.pk]}
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        # status should not be 'ready_to_issue' but 'issued'
        expected_status = 'issued'
        self.assertEquals(application.processing_status, expected_status)

    def test_issued_declined_licences_cannot_be_assessed(self):
        """
        Test that if a licence has been issued or application declined, assessments can no longer be done.
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2743&project_id=24
        """
        # create application to issue
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        self.client.login(self.officer.email)

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

        # create application to decline
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        # decline licence
        resp = self.client.post(reverse('wl_applications:process',
                                        args=[application.pk]),
                                data={'decline': True},
                                follow=True)
        self.assertEquals(200, resp.status_code)

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

    def test_declined_applications_status(self):
        """
        Test that if an application has been declined, the officer and customer will both have a declined status
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2741&project_id=24
        """
        # create application to decline
        application = create_and_lodge_application(self.user)

        self.client.login(self.officer.email)

        # decline licence
        resp = self.client.post(reverse('wl_applications:process',
                                        args=[application.pk]),
                                data={
                                    'decline': True,
                                    'reason': 'N/A'
                                },
                                follow=True)
        self.assertEquals(200, resp.status_code)

        application.refresh_from_db()

        self.assertEquals(application.customer_status, 'declined')
        self.assertEquals(application.processing_status, 'declined')

        # Test that the reason is stored
        details = ApplicationDeclinedDetails.objects.filter(
            application=application).first()
        self.assertIsNotNone(details)
        self.assertEqual(application, details.application)
        self.assertEqual(self.officer, details.officer)
        self.assertEquals('N/A', details.reason)
示例#19
0
class TestStatusLifeCycle(TestCase):
    fixtures = ['licences.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = get_or_create_default_officer()
        self.user = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.user)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()
        clear_all_id_files()

    def test_id_update(self):
        """
        Test that when an ID update is required and the users update their ID the customer and id status are correctly
         updated
        """
        application = create_and_lodge_application(self.user)
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        clear_mailbox()
        data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': IDRequest.REASON_CHOICES[0][0],
            'text': 'you to upload an ID.'
        }
        url = reverse('wl_applications:id_request')
        self.assertFalse(is_email())
        response = self.client.post(url, data)
        self.assertEqual(200, response.status_code)
        resp_data = json.loads(response.content.decode('utf8'))
        self.assertIn('id_check_status', resp_data)
        self.assertIn('processing_status', resp_data)
        application.refresh_from_db()
        self.assertEqual('id_required', application.customer_status)
        self.assertEqual('awaiting_update', application.id_check_status)
        self.assertEqual('awaiting_applicant_response',
                         application.processing_status)
        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationIDUpdateRequestedEmail.subject,
                         email.subject)

        # now user upload ID
        self.client.logout()
        self.assertIsNone(self.user.identification)
        self.client.login(self.user.email)
        self.assertTrue(is_client_authenticated(self.client))
        self.client.get(reverse('wl_main:identification'))
        upload_id(self.user)
        self.user.refresh_from_db()
        self.assertIsNotNone(self.user.identification)
        application.refresh_from_db()
        self.assertEqual('updated', application.id_check_status)
        self.assertEqual('under_review', application.customer_status)
        self.assertEqual('ready_for_action', application.processing_status)

    def test_application_amendment(self):
        """
        Test that when an amendment is required, the user receives an email and can amend their application. When the
        user relodged, the officer can see the amendment and set the review status accordingly.
        """
        application = create_and_lodge_application(self.user)
        self.assertFalse(application.can_user_edit)

        self.client.login(self.officer.email)

        post_data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': AmendmentRequest.REASON_CHOICES[0][0],
            'text': 'Application needs more data'
        }

        response = self.client.post(
            reverse('wl_applications:amendment_request'), post_data)

        self.assertEqual(200, response.status_code)

        resp_data = json.loads(response.content.decode('utf8'))

        application.refresh_from_db()

        self.assertIn('review_status', resp_data)
        self.assertEquals(resp_data['review_status'],
                          utils.REVIEW_STATUSES[application.review_status])
        self.assertIn('processing_status', resp_data)
        self.assertEquals(
            resp_data['processing_status'],
            utils.PROCESSING_STATUSES[application.processing_status])

        self.assertEqual(application.customer_status, 'amendment_required')
        self.assertEqual(application.processing_status,
                         'awaiting_applicant_response')
        self.assertEqual(application.review_status, 'awaiting_amendments')

        amendment_request = AmendmentRequest.objects.filter(
            application=application).first()

        self.assertIsNotNone(amendment_request)

        self.assertEquals(amendment_request.status, 'requested')

        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationAmendmentRequestedEmail.subject,
                         email.subject)

        # user logs in
        self.client.logout()
        self.client.login(self.user.email)

        self.assertTrue(application.can_user_edit)

        response = self.client.get(reverse('wl_applications:edit_application',
                                           args=(application.pk, )),
                                   follow=True)

        # check that client will be redirected to the enter details page
        self.assertRedirects(response,
                             reverse('wl_applications:enter_details'),
                             status_code=302,
                             target_status_code=200)

        # edit and resubmit data
        post_params = {'project_title-0-0': 'New Title', 'lodge': True}

        response = self.client.post(reverse('wl_applications:enter_details'),
                                    post_params)

        # check that client is redirected to preview
        self.assertRedirects(response,
                             reverse('wl_applications:preview'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        response = self.client.post(reverse('wl_applications:preview'))

        # FIXME: simulate full checkout process instead of skipping
        self.client.get(reverse('wl_applications:complete'))

        application.refresh_from_db()

        self.assertFalse(application.can_user_edit)

        self.assertEqual(
            application.data[0]['project_details'][0]['project_title'],
            'New Title')

        self.assertEqual(application.customer_status, 'under_review')
        self.assertEqual(application.processing_status, 'ready_for_action')
        self.assertEqual(application.review_status, 'amended')

        amendment_request.refresh_from_db()

        self.assertEquals(amendment_request.status, 'amended')

        # officer logs in
        self.client.logout()
        self.client.login(self.officer.email)

        post_data = {'applicationID': application.id, 'status': 'accepted'}

        response = self.client.post(
            reverse('wl_applications:set_review_status'), post_data)

        self.assertEquals(response.status_code, 200)

        application.refresh_from_db()

        self.assertEquals(application.review_status, 'accepted')

    def test_character_check(self):
        """
        Test that the character check shows for questionable characters
        """
        self.user.character_flagged = True
        self.user.save()
        application = create_and_lodge_application(self.user)

        self.assertEquals(application.character_check_status, 'not_checked')

        self.client.login(self.officer.email)

        response = self.client.get(
            reverse('wl_applications:process', args=(application.pk, )))

        self.assertContains(response,
                            '<span class="glyphicon glyphicon-user"></span>')

        post_data = {'applicationID': application.id, 'status': 'accepted'}

        response = self.client.post(
            reverse('wl_applications:set_character_check_status'), post_data)

        self.assertEquals(response.status_code, 200)

        application.refresh_from_db()

        self.assertEquals(application.character_check_status, 'accepted')

    def test_issued_status_after_entering_condition(self):
        """
        Test that if an application has been issued, entering condition leave the status as issued
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2736&project_id=24
        """
        application = create_and_lodge_application(self.user)
        # set some conditions
        url = reverse('wl_applications:enter_conditions',
                      args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {'conditionID': [condition.pk]}
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'ready_to_issue')

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        # now repost conditions
        url = reverse('wl_applications:enter_conditions',
                      args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {'conditionID': [condition.pk]}
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        # status should not be 'ready_to_issue' but 'issued'
        expected_status = 'issued'
        self.assertEquals(application.processing_status, expected_status)

    def test_issued_declined_licences_cannot_be_assessed(self):
        """
        Test that if a licence has been issued or application declined, assessments can no longer be done.
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2743&project_id=24
        """
        # create application to issue
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        self.client.login(self.officer.email)

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

        # create application to decline
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        # decline licence
        resp = self.client.post(reverse('wl_applications:process',
                                        args=[application.pk]),
                                data={'decline': True},
                                follow=True)
        self.assertEquals(200, resp.status_code)

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

    def test_declined_applications_status(self):
        """
        Test that if an application has been declined, the officer and customer will both have a declined status
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2741&project_id=24
        """
        # create application to decline
        application = create_and_lodge_application(self.user)

        self.client.login(self.officer.email)

        # decline licence
        resp = self.client.post(reverse('wl_applications:process',
                                        args=[application.pk]),
                                data={
                                    'decline': True,
                                    'reason': 'N/A'
                                },
                                follow=True)
        self.assertEquals(200, resp.status_code)

        application.refresh_from_db()

        self.assertEquals(application.customer_status, 'declined')
        self.assertEquals(application.processing_status, 'declined')

        # Test that the reason is stored
        details = ApplicationDeclinedDetails.objects.filter(
            application=application).first()
        self.assertIsNotNone(details)
        self.assertEqual(application, details.application)
        self.assertEqual(self.officer, details.officer)
        self.assertEquals('N/A', details.reason)
示例#20
0
class AccountsTestCase(TestCase):
    def setUp(self):
        create_default_country()
        self.customer = get_or_create_default_customer()

        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_search_customers(self):
        """Testing that searching customers will return the right customer(s) and only customers"""
        self.client.login(self.officer.email)

        user_1, _ = get_or_create_user({
            'first_name': 'Some',
            'last_name': 'Guy',
            'email': '*****@*****.**',
            'dob': datetime.date(1989, 8, 12),
        })

        user_2, _ = get_or_create_user({
            'first_name': 'Some Other',
            'last_name': 'Guy',
            'email': '*****@*****.**',
            'dob': datetime.date(1998, 8, 12),
        })

        # search for users by common part of first name - both users should be found
        response = self.client.get('{}?q={}'.format(reverse('wl_main:search_customers'), 'some'))
        self.assertEqual(200, response.status_code)

        json_response = response.json()

        self.assertEqual(len(json_response), 2)

        # make user_2 an officer and check that only user_1 is found by search for common part of first name
        add_to_group(user_2, 'officers')

        response = self.client.get('{}?q={}'.format(reverse('wl_main:search_customers'), 'some'))
        self.assertEqual(200, response.status_code)

        json_response = response.json()

        self.assertEqual(len(json_response), 1)

        self.assertEqual(json_response[0]['id'], user_1.id)
        self.assertEqual(json_response[0]['text'], user_1.get_full_name_dob())

    def test_profile_list(self):
        """Testing that a user can display the profile list if they are a customer"""
        self.client.login(self.customer.email)

        # check that client can access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(200, response.status_code)

    def test_profile_list_non_customer(self):
        """Testing that a user cannot display the profile list if they are not a customer"""
        self.client.login(self.officer.email)

        # check that client gets redirected if they try to access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(302, response.status_code)

    def test_create_profile(self):
        """Testing that a user can create a profile"""
        self.client.login(self.customer.email)

        original_profile_count = Profile.objects.filter(user=self.customer).count()

        # check that client can access the create profile page
        response = self.client.get(reverse('wl_main:create_profile'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }

        response = self.client.post(reverse('wl_main:create_profile'), post_params)
        self.assertEqual(302, response.status_code)

        # check that a new profile has been created
        self.assertEquals(Profile.objects.filter(user=self.customer).count(), original_profile_count + 1)

    def test_edit_profile(self):
        """Testing that a user can edit an existing profile"""
        self.client.login(self.customer.email)

        # check no profile
        self.assertEquals(0, Profile.objects.filter(user=self.customer).count())
        # create original profile
        # address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        # profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
        #                                  institution='Test Institution', postal_address=address)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }
        response = self.client.post(reverse('wl_main:create_profile'), post_params)
        self.assertEqual(302, response.status_code)

        # check that one profile has been created
        self.assertEquals(1, Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()
        # check that client can access the edit profile page
        response = self.client.get(reverse('wl_main:edit_profile', args=(profile.pk,)))
        self.assertEqual(200, response.status_code)

        # updated profile
        post_params['name'] = 'Updated Profile'
        post_params['line1'] = 'New Line 1'
        response = self.client.post(reverse('wl_main:edit_profile', args=(profile.pk,)), post_params)
        self.assertEqual(302, response.status_code)

        # get updated profile
        self.assertEquals(1, Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()

        # check that the profile has been edited
        self.assertEquals(profile.name, 'Updated Profile')
        self.assertEquals(profile.postal_address.line1, 'New Line 1')

    def test_manage_id(self):
        """Testing that a user can access the manage identification page"""
        self.client.login(self.customer.email)

        # check that client can access the manage identification page
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)

    def test_upload_id(self):
        """Testing that a user can upload an ID image"""
        self.client.login(self.customer.email)
        self.assertIsNone(self.customer.identification)
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)
        response = upload_id(self.customer)
        self.assertEqual(200, response.status_code)

        # update customer
        self.customer.refresh_from_db()

        self.assertIsNotNone(self.customer.identification)
示例#21
0
class ApplicationEntryTestCase(TestCase):
    def setUp(self):
        self.customer = create_default_customer()

        self.client = SocialClient()

        licence_type = WildlifeLicenceType.objects.get(code='regulation17')
        licence_type.identification_required = True
        licence_type.save()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_select_licence_type(self):
        """Testing that a user can display the licence type selection list"""
        self.client.login(self.customer.email)

        # check that client can access the licence type selection list
        response = self.client.get(reverse('applications:select_licence_type'))
        self.assertEqual(200, response.status_code)

    def test_check_identification_required_no_current_id(self):
        """Testing that a user can display the identification required page in the case the user has no
        current identification, and upload an ID.
        """
        self.client.login(self.customer.email)

        # check that client can access the identification required page
        response = self.client.get(reverse('applications:check_identification', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        with open(TEST_ID_PATH) as fp:
            post_params = {
                'identification_file': fp
            }
            response = self.client.post(reverse('applications:check_identification', args=('regulation17',)),
                                        post_params)

            self.assertRedirects(response, reverse('applications:create_select_profile', args=('regulation17',)),
                                 status_code=302, target_status_code=200, fetch_redirect_response=False)

            # update customer
            self.customer = EmailUser.objects.get(email=self.customer.email)

            # assert customer's ID is the uploaded file
            self.assertEqual(self.customer.identification.filename, 'test_id.jpg')

    def test_check_identification_required_current_id(self):
        """Testing that a user can display the identification required page in the case the user has a
        current identification.
        """
        self.client.login(self.customer.email)

        with open(TEST_ID_PATH) as fp:
            self.customer.identification = Document.objects.create(name='test_id')
            self.customer.identification.file.save('test_id.jpg', File(fp), save=True)
            self.customer.save()

        # check that client is redirected to profile creation / selection page
        response = self.client.get(reverse('applications:check_identification', args=('regulation17',)))
        self.assertRedirects(response, reverse('applications:create_select_profile', args=('regulation17',)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

    def test_create_select_profile_create(self):
        """Testing that a user can display the create / select profile page and create a profile
        in the case the user has no profile
        """
        self.client.login(self.customer.email)

        original_profile_count = self.customer.profile_set.count()

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {}
        session.save()

        # check that client can access the profile create/select page
        response = self.client.get(reverse('applications:create_select_profile', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        # check there is not a profile selection form, meaning there is no profile
        self.assertFalse('profile_selection_form' in response.context)

        post_params = {
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001',
            'create': True
        }

        response = self.client.post(reverse('applications:create_select_profile', args=('regulation17',)), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('applications:enter_details', args=('regulation17',)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # chech that a new profile was created
        self.assertEqual(self.customer.profile_set.count(), original_profile_count + 1)

        # check the created profile has been set in the session
        self.assertTrue('profile' in self.client.session['application'])

    def test_create_select_profile_select(self):
        """Testing that a user can display the create / select profile page and select a profile
        in the case the user has one or more existing profiles
        """
        self.client.login(self.customer.email)

        # create profiles
        address1 = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                               institution='Test Institution', postal_address=address1)

        address2 = Address.objects.create(line1='2 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile2 = Profile.objects.create(user=self.customer, name='Test Profile 2', email='*****@*****.**',
                                          institution='Test Institution', postal_address=address2)

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {}
        session.save()

        # check that client can access the profile create/select page
        response = self.client.get(reverse('applications:create_select_profile', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        # check there is a profile selection form, meaning there at least one existing profile
        self.assertTrue('profile_selection_form' in response.context)

        post_params = {
            'profile': profile2.pk,
            'select': True
        }

        response = self.client.post(reverse('applications:create_select_profile', args=('regulation17',)), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('applications:enter_details', args=('regulation17',)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check the profile has been set in the session
        self.assertTrue('profile' in self.client.session['application'])

        # check that the profile in the session is the selected profile
        self.assertEqual(self.client.session['application']['profile'], profile2.pk)

    def test_enter_details_draft(self):
        """Testing that a user can enter the details of an application form and save as a draft
        """
        self.client.login(self.customer.email)

        # create profiles
        address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                         institution='Test Institution', postal_address=address)

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {'profile': profile.pk}
        session.save()

        original_applications_count = profile.application_set.count()

        # check that client can access the enter details page
        response = self.client.get(reverse('applications:enter_details', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title': 'Test Title',
            'draft': True
        }

        response = self.client.post(reverse('applications:enter_details', args=('regulation17',)), post_params)

        # check that client is redirected to the dashboard
        self.assertRedirects(response, reverse('dashboard:home'), status_code=302, target_status_code=200,
                             fetch_redirect_response=False)

        # check that a new application was created
        self.assertEqual(profile.application_set.count(), original_applications_count + 1)

        # check that the state of the application is draft
        self.assertEqual(profile.application_set.first().processing_status, 'draft')

    def test_enter_details_draft_continue(self):
        """Testing that a user can enter the details of an application form and save as a draft
        and continue editing"""
        self.client.login(self.customer.email)

        # create profiles
        address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                         institution='Test Institution', postal_address=address)

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {'profile': profile.pk}
        session.save()

        original_applications_count = profile.application_set.count()

        # check that client can access the enter details page
        response = self.client.get(reverse('applications:enter_details', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title': 'Test Title',
            'draft_continue': True
        }

        response = self.client.post(reverse('applications:enter_details', args=('regulation17',)), post_params)

        # check that client is redirected to enter details page
        self.assertRedirects(response, reverse('applications:enter_details',
                                               args=('regulation17', profile.application_set.first().pk)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        # check that a new application was created
        self.assertEqual(profile.application_set.count(), original_applications_count + 1)

        # check that the state of the application is draft
        self.assertEqual(profile.application_set.first().processing_status, 'draft')

    def test_enter_details_preview(self):
        """Testing that a user can enter the details of an application form and that the data is
        saved in the session for previewing
        """
        self.client.login(self.customer.email)

        # create profiles
        address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                         institution='Test Institution', postal_address=address)

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {'profile': profile.pk}
        session.save()

        # check that client can access the enter details page
        response = self.client.get(reverse('applications:enter_details', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        post_params = {
            'project_title': 'Test Title',
            'lodge': True
        }

        response = self.client.post(reverse('applications:enter_details', args=('regulation17',)), post_params)

        # check the data has been set in the session
        self.assertTrue('data' in self.client.session['application'])

        # check that the profile in the session is the selected profile
        self.assertEqual(self.client.session['application']['data'].get('project_title', ''), 'Test Title')

    def test_enter_details_lodge(self):
        """Testing that a user can preview the details of an application form then lodge the application
        """
        self.client.login(self.customer.email)

        # create profiles
        address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
                                         institution='Test Institution', postal_address=address)

        # create the application dict in the session first
        # the session must be stored in a variable in order to be modifyable
        # https://docs.djangoproject.com/en/1.9/topics/testing/tools/#persistent-state
        session = self.client.session
        session['application'] = {'profile': profile.pk, 'data': {'project_title': 'Test Title'}}
        session.save()

        original_applications_count = profile.application_set.count()

        # check that client can access the enter details page
        response = self.client.get(reverse('applications:preview', args=('regulation17',)))
        self.assertEqual(200, response.status_code)

        post_params = {
            'lodge': True
        }

        response = self.client.post(reverse('applications:preview', args=('regulation17',)), post_params)

        # chech that a new applicaiton was created
        self.assertEqual(profile.application_set.count(), original_applications_count + 1)

        # check that the state of the application is draft
        self.assertEqual(profile.application_set.first().processing_status, 'new')
示例#22
0
class TestViewAccess(TestCase):
    def setUp(self):
        self.client = SocialClient()
        self.user = get_or_create_default_customer()
        self.officer = get_or_create_default_officer()
        self.application = create_and_lodge_application(
            self.user, **{'data': {
                'title': 'My Application'
            }})
        self.process_urls_get = [
            reverse('wl_applications:process', args=[self.application.pk]),
        ]

        self.process_urls_post = [
            {
                'url':
                reverse('wl_applications:process', args=[self.application.pk]),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:assign_officer'),
                'data': {
                    'applicationID': self.application.pk,
                    'userID': self.officer.pk,
                }
            },
            {
                'url': reverse('wl_applications:set_id_check_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:id_request'),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:set_character_check_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:set_review_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:amendment_request'),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:send_for_assessment'),
                'data': {
                    'applicationID': self.application.pk,
                    'assGroupID': get_or_create_default_assessor_group().pk,
                    'status': 'awaiting_assessment'
                }
            },
            {
                'url': reverse('wl_applications:remind_assessment'),
                'data': {
                    'applicationID': self.application.pk,
                    'assessmentID':
                    get_or_create_assessment(self.application).pk
                }
            },
        ]

    def tearDown(self):
        self.client.logout()

    def test_customer_access(self):
        """
         A Customer cannot access any URL
        """
        # not logged-in
        for url in self.process_urls_get:
            response = self.client.get(url, follow=True)
            self.assertTrue(is_login_page(response))

        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertTrue(is_login_page(response))

        # logged-in. Should redirect to dashboard
        self.client.login(self.user.email)
        for url in self.process_urls_get:
            response = self.client.get(url, follow=True)
            self.assertRedirects(response,
                                 reverse('wl_dashboard:tables_customer'),
                                 status_code=302,
                                 target_status_code=200)
        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertRedirects(response,
                                 reverse('wl_dashboard:tables_customer'),
                                 status_code=302,
                                 target_status_code=200)

    def test_officer_access(self):
        self.client.login(self.officer.email)
        for url in self.process_urls_get:
            response = self.client.get(url, follow=False)
            self.assertEqual(200, response.status_code)
        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEquals(200, response.status_code)
示例#23
0
class TestViewAccess(TestCase):
    fixtures = ['licences.json', 'conditions.json', 'returns.json']

    def setUp(self):
        self.client = SocialClient()
        self.user = get_or_create_default_customer()
        self.officer = get_or_create_default_officer()
        self.application = app_helpers.create_and_lodge_application(
            self.user, **{'data': {
                'title': 'My Application'
            }})
        self.assessment = app_helpers.get_or_create_assessment(
            self.application)
        self.condition = Condition.objects.first()
        self.assessment_condition = AssessmentCondition.objects.create(
            assessment=self.assessment, condition=self.condition, order=1)

        self.urls_get = [
            reverse('wl_applications:enter_conditions',
                    args=[self.application.pk]),
            reverse('wl_applications:search_conditions')
        ]

        self.urls_post = [
            {
                'url':
                reverse('wl_applications:create_condition',
                        args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url':
                reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url':
                reverse('wl_applications:enter_conditions',
                        args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]

    def tearDown(self):
        self.client.logout()

    def test_customer_access(self):
        """
         A Customer cannot access any URL
        """
        # not logged-in
        for url in self.urls_get:
            response = self.client.get(url, follow=True)
            self.assertTrue(is_login_page(response))

        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertTrue(is_login_page(response))

        # logged-in. Should throw a 403 or redirect to login
        self.client.login(self.user.email)
        for url in self.urls_get:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_customer'),
                                     status_code=302,
                                     target_status_code=200)
        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_customer'),
                                     status_code=302,
                                     target_status_code=200)

    def test_officer_access(self):
        """
        Officer should be able to access any views
        """
        self.client.login(self.officer.email)
        for url in self.urls_get:
            response = self.client.get(url, follow=False)
            self.assertEqual(200, response.status_code)
        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEquals(200, response.status_code)

    def test_assessor_access_limited(self):
        """
        Test that an assessor cannot edit an assessment that doesn't belong to their group
        All accessor can search conditions
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        self.assertFalse(get_user_assessor_groups(assessor))

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions',
                    args=[self.application.pk]),
            reverse('wl_applications:enter_conditions_assessor',
                    args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_forbidden = [
            {
                'url':
                reverse('wl_applications:create_condition',
                        args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url':
                reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url':
                reverse('wl_applications:enter_conditions',
                        args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
            {
                'url':
                reverse('wl_applications:enter_conditions_assessor',
                        args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [reverse('wl_applications:search_conditions')]
        urls_post_allowed = []
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)

    def test_assessor_access_normal(self):
        """
        Test that an assessor can edit an assessment that belongs to their group
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        # add the assessor to the assessment group
        self.assertTrue(
            Assessment.objects.filter(
                application=self.application).count() > 0)
        for assessment in Assessment.objects.filter(
                application=self.application):
            add_assessor_to_assessor_group(assessor, assessment.assessor_group)

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions',
                    args=[self.application.pk]),
        ]
        urls_post_forbidden = [
            {
                'url':
                reverse('wl_applications:create_condition',
                        args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url':
                reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url':
                reverse('wl_applications:enter_conditions',
                        args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('wl_applications:search_conditions'),
            reverse('wl_applications:enter_conditions_assessor',
                    args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_allowed = [
            {
                'url':
                reverse('wl_applications:enter_conditions_assessor',
                        args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response,
                                     reverse('wl_dashboard:tables_assessor'),
                                     status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)
示例#24
0
class TestStatusLifeCycle(TestCase):
    fixtures = ['licences.json']

    def setUp(self):
        self.client = SocialClient()
        self.officer = get_or_create_default_officer()
        self.user = get_or_create_default_customer()
        self.assertNotEqual(self.officer, self.user)

    def tearDown(self):
        self.client.logout()
        clear_mailbox()
        clear_all_id_files()

    def test_id_update(self):
        """
        Test that when an ID update is required and the users update their ID the customer and id status are correctly
         updated
        """
        application = create_and_lodge_application(self.user)
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        clear_mailbox()
        data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': IDRequest.REASON_CHOICES[0][0],
            'text': 'you to upload an ID.'
        }
        url = reverse('wl_applications:id_request')
        self.assertFalse(is_email())
        response = self.client.post(url, data)
        self.assertEqual(200, response.status_code)
        resp_data = json.loads(response.content.decode('utf8'))
        self.assertIn('id_check_status', resp_data)
        self.assertIn('processing_status', resp_data)
        application.refresh_from_db()
        self.assertEqual('id_required', application.customer_status)
        self.assertEqual('awaiting_update', application.id_check_status)
        self.assertEqual('awaiting_applicant_response', application.processing_status)
        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationIDUpdateRequestedEmail.subject, email.subject)

        # now user upload ID
        self.client.logout()
        self.assertIsNone(self.user.identification)
        self.client.login(self.user.email)
        self.assertTrue(is_client_authenticated(self.client))
        self.client.get(reverse('wl_main:identification'))
        upload_id(self.user)
        self.user.refresh_from_db()
        self.assertIsNotNone(self.user.identification)
        application.refresh_from_db()
        self.assertEqual('updated', application.id_check_status)
        self.assertEqual('under_review', application.customer_status)
        self.assertEqual('ready_for_action', application.processing_status)

    def test_application_amendment(self):
        """
        Test that when an amendment is required, the user receives an email and can amend their application. When the
        user relodged, the officer can see the amendment and set the review status accordingly.
        """
        application = create_and_lodge_application(self.user)
        self.assertFalse(application.can_user_edit)

        self.client.login(self.officer.email)

        post_data = {
            'officer': self.officer.pk,
            'application': application.pk,
            'reason': AmendmentRequest.REASON_CHOICES[0][0],
            'text': 'Application needs more data'
        }

        response = self.client.post(reverse('wl_applications:amendment_request'), post_data)

        self.assertEqual(200, response.status_code)

        resp_data = json.loads(response.content.decode('utf8'))

        application.refresh_from_db()

        self.assertIn('review_status', resp_data)
        self.assertEquals(resp_data['review_status'], utils.REVIEW_STATUSES[application.review_status])
        self.assertIn('processing_status', resp_data)
        self.assertEquals(resp_data['processing_status'], utils.PROCESSING_STATUSES[application.processing_status])

        self.assertEqual(application.customer_status, 'amendment_required')
        self.assertEqual(application.processing_status, 'awaiting_applicant_response')
        self.assertEqual(application.review_status, 'awaiting_amendments')

        amendment_request = AmendmentRequest.objects.filter(application=application).first()

        self.assertIsNotNone(amendment_request)

        self.assertEquals(amendment_request.status, 'requested')

        self.assertTrue(is_email())
        email = get_email()
        self.assertIn(application.applicant_profile.email, email.to)
        self.assertEqual(ApplicationAmendmentRequestedEmail.subject, email.subject)

        # user logs in
        self.client.logout()
        self.client.login(self.user.email)

        self.assertTrue(application.can_user_edit)

        response = self.client.get(reverse('wl_applications:edit_application', args=(application.pk,)), follow=True)

        # check that client will be redirected to the enter details page
        self.assertRedirects(response, reverse('wl_applications:enter_details'), status_code=302,
                             target_status_code=200)

        # edit and resubmit data
        post_params = {
            'project_title-0-0': 'New Title',
            'lodge': True
        }

        response = self.client.post(reverse('wl_applications:enter_details'), post_params)

        # check that client is redirected to preview
        self.assertRedirects(response, reverse('wl_applications:preview'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        response = self.client.post(reverse('wl_applications:preview'))

        # FIXME: simulate full checkout process instead of skipping
        self.client.get(reverse('wl_applications:complete'))

        application.refresh_from_db()

        self.assertFalse(application.can_user_edit)

        self.assertEqual(application.data[0]['project_details'][0]['project_title'], 'New Title')

        self.assertEqual(application.customer_status, 'under_review')
        self.assertEqual(application.processing_status, 'ready_for_action')
        self.assertEqual(application.review_status, 'amended')

        amendment_request.refresh_from_db()

        self.assertEquals(amendment_request.status, 'amended')

        # officer logs in
        self.client.logout()
        self.client.login(self.officer.email)

        post_data = {
            'applicationID': application.id,
            'status': 'accepted'
        }

        response = self.client.post(reverse('wl_applications:set_review_status'), post_data)

        self.assertEquals(response.status_code, 200)

        application.refresh_from_db()

        self.assertEquals(application.review_status, 'accepted')

    def test_character_check(self):
        """
        Test that the character check shows for questionable characters
        """
        self.user.character_flagged = True
        self.user.save()
        application = create_and_lodge_application(self.user)

        self.assertEquals(application.character_check_status, 'not_checked')

        self.client.login(self.officer.email)

        response = self.client.get(reverse('wl_applications:process', args=(application.pk,)))

        self.assertContains(response, '<span class="glyphicon glyphicon-user"></span>')

        post_data = {
            'applicationID': application.id,
            'status': 'accepted'
        }

        response = self.client.post(reverse('wl_applications:set_character_check_status'), post_data)

        self.assertEquals(response.status_code, 200)

        application.refresh_from_db()

        self.assertEquals(application.character_check_status, 'accepted')

    def test_issued_status_after_entering_condition(self):
        """
        Test that if an application has been issued, entering condition leave the status as issued
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2736&project_id=24
        """
        application = create_and_lodge_application(self.user)
        # set some conditions
        url = reverse('wl_applications:enter_conditions', args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {
            'conditionID': [condition.pk]
        }
        self.client.login(self.officer.email)
        self.assertTrue(is_client_authenticated(self.client))
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'ready_to_issue')

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        # now repost conditions
        url = reverse('wl_applications:enter_conditions', args=[application.pk])
        condition = get_or_create_condition('0001', {"text": "For unit test"})
        data = {
            'conditionID': [condition.pk]
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        # status should not be 'ready_to_issue' but 'issued'
        expected_status = 'issued'
        self.assertEquals(application.processing_status, expected_status)

    def test_issued_declined_licences_cannot_be_assessed(self):
        """
        Test that if a licence has been issued or application declined, assessments can no longer be done.
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2743&project_id=24
        """
        # create application to issue
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        self.client.login(self.officer.email)

        # issue licence
        url = reverse('wl_applications:issue_licence', args=[application.pk])
        today = datetime.date.today()
        tomorrow = today + datetime.timedelta(days=1)
        data = {
            'regions': [G(Region).pk],
            'return_frequency': -1,
            'issue_date': str(today),
            'start_date': str(today),
            'end_date': str(tomorrow)
        }
        resp = self.client.post(url, data=data, follow=True)
        self.assertEquals(200, resp.status_code)
        application.refresh_from_db()
        self.assertEquals(application.processing_status, 'issued')

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

        # create application to decline
        application = create_and_lodge_application(self.user)

        # send out assessment
        assessment = get_or_create_assessment(application)
        self.assertEquals(assessment.status, 'awaiting_assessment')

        # decline licence
        resp = self.client.post(reverse('wl_applications:process', args=[application.pk]), data={'decline': True},
                                follow=True)
        self.assertEquals(200, resp.status_code)

        assessment.refresh_from_db()
        self.assertEquals(assessment.status, 'assessment_expired')

    def test_declined_applications_status(self):
        """
        Test that if an application has been declined, the officer and customer will both have a declined status
        @see https://kanboard.dpaw.wa.gov.au/?controller=TaskViewController&action=show&task_id=2741&project_id=24
        """
        # create application to decline
        application = create_and_lodge_application(self.user)

        self.client.login(self.officer.email)

        # decline licence
        resp = self.client.post(reverse('wl_applications:process', args=[application.pk]),
                                data={'decline': True, 'reason': 'N/A'},
                                follow=True)
        self.assertEquals(200, resp.status_code)

        application.refresh_from_db()

        self.assertEquals(application.customer_status, 'declined')
        self.assertEquals(application.processing_status, 'declined')

        # Test that the reason is stored
        details = ApplicationDeclinedDetails.objects.filter(application=application).first()
        self.assertIsNotNone(details)
        self.assertEqual(application, details.application)
        self.assertEqual(self.officer, details.officer)
        self.assertEquals('N/A', details.reason)
示例#25
0
class AccountsTestCase(TestCase):
    def setUp(self):
        create_default_country()
        self.customer = get_or_create_default_customer()

        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()
        # clean id file
        if self.customer.identification:
            os.remove(self.customer.identification.path)

    def test_profile_list(self):
        """Testing that a user can display the profile list if they are a customer"""
        self.client.login(self.customer.email)

        # check that client can access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(200, response.status_code)

    def test_profile_list_non_customer(self):
        """Testing that a user cannot display the profile list if they are not a customer"""
        self.client.login(self.officer.email)

        # check that client gets redirected if they try to access the profile list
        response = self.client.get(reverse('wl_main:list_profiles'))
        self.assertEqual(403, response.status_code)

    def test_create_profile(self):
        """Testing that a user can create a profile"""
        self.client.login(self.customer.email)

        original_profile_count = Profile.objects.filter(
            user=self.customer).count()

        # check that client can access the create profile page
        response = self.client.get(reverse('wl_main:create_profile'))
        self.assertEqual(200, response.status_code)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }

        response = self.client.post(reverse('wl_main:create_profile'),
                                    post_params)
        self.assertEqual(302, response.status_code)

        # check that a new profile has been created
        self.assertEquals(
            Profile.objects.filter(user=self.customer).count(),
            original_profile_count + 1)

    def test_edit_profile(self):
        """Testing that a user can edit an existing profile"""
        self.client.login(self.customer.email)

        # check no profile
        self.assertEquals(0,
                          Profile.objects.filter(user=self.customer).count())
        # create original profile
        # address = Address.objects.create(line1='1 Test Street', locality='Test Suburb', state='WA', postcode='0001')
        # profile = Profile.objects.create(user=self.customer, name='Test Profile', email='*****@*****.**',
        #                                  institution='Test Institution', postal_address=address)

        post_params = {
            'user': self.customer.pk,
            'name': 'Test Profile',
            'email': '*****@*****.**',
            'institution': 'Test Institution',
            'line1': '1 Test Street',
            'locality': 'Test Suburb',
            'state': 'WA',
            'country': 'AU',
            'postcode': '0001'
        }
        response = self.client.post(reverse('wl_main:create_profile'),
                                    post_params)
        self.assertEqual(302, response.status_code)

        # check that one profile has been created
        self.assertEquals(1,
                          Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()
        # check that client can access the edit profile page
        response = self.client.get(
            reverse('wl_main:edit_profile', args=(profile.pk, )))
        self.assertEqual(200, response.status_code)

        # updated profile
        post_params['name'] = 'Updated Profile'
        post_params['line1'] = 'New Line 1'
        response = self.client.post(
            reverse('wl_main:edit_profile', args=(profile.pk, )), post_params)
        self.assertEqual(302, response.status_code)

        # get updated profile
        self.assertEquals(1,
                          Profile.objects.filter(user=self.customer).count())

        profile = Profile.objects.filter(user=self.customer).first()

        # check that the profile has been edited
        self.assertEquals(profile.name, 'Updated Profile')
        self.assertEquals(profile.postal_address.line1, 'New Line 1')

    def test_manage_id(self):
        """Testing that a user can access the manage identification page"""
        self.client.login(self.customer.email)

        # check that client can access the manage identification page
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)

    def test_upload_id(self):
        """Testing that a user can upload an ID image"""
        self.client.login(self.customer.email)
        self.assertIsNone(self.customer.identification)
        response = self.client.get(reverse('wl_main:identification'))
        self.assertEqual(200, response.status_code)
        response = upload_id(self.customer)
        self.assertEqual(200, response.status_code)

        # update customer
        self.customer.refresh_from_db()

        self.assertIsNotNone(self.customer.identification)
示例#26
0
class TestViewAccess(TestCase):
    def setUp(self):
        self.client = SocialClient()
        self.user = get_or_create_default_customer()
        self.officer = get_or_create_default_officer()
        self.application = create_and_lodge_application(self.user, **{
            'data': {
                'title': 'My Application'
            }
        })
        self.process_urls_get = [
            reverse('wl_applications:process', args=[self.application.pk]),
        ]

        self.process_urls_post = [
            {
                'url': reverse('wl_applications:process', args=[self.application.pk]),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:assign_officer'),
                'data': {
                    'applicationID': self.application.pk,
                    'userID': self.officer.pk,
                }
            },
            {
                'url': reverse('wl_applications:set_id_check_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:id_request'),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:set_character_check_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:set_review_status'),
                'data': {
                    'applicationID': self.application.pk,
                    'status': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:amendment_request'),
                'data': {
                    'applicationID': self.application.pk,
                }
            },
            {
                'url': reverse('wl_applications:send_for_assessment'),
                'data': {
                    'applicationID': self.application.pk,
                    'assGroupID': get_or_create_default_assessor_group().pk,
                    'status': 'awaiting_assessment'
                }
            },
            {
                'url': reverse('wl_applications:remind_assessment'),
                'data': {
                    'applicationID': self.application.pk,
                    'assessmentID': get_or_create_assessment(self.application).pk
                }
            },
        ]

    def tearDown(self):
        self.client.logout()

    def test_customer_access(self):
        """
         A Customer cannot access any URL
        """
        # not logged-in
        for url in self.process_urls_get:
            response = self.client.get(url, follow=True)
            self.assertTrue(is_login_page(response))

        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertTrue(is_login_page(response))

        # logged-in. Should get a 403
        self.client.login(self.user.email)
        for url in self.process_urls_get:
            response = self.client.get(url, follow=True)
            self.assertEqual(response.status_code, 403)
        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(response.status_code, 403)

    def test_officer_access(self):
        self.client.login(self.officer.email)
        for url in self.process_urls_get:
            response = self.client.get(url, follow=False)
            self.assertEqual(200, response.status_code)
        for url in self.process_urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEquals(200, response.status_code)
示例#27
0
class ApplicationEntrySecurity(TransactionTestCase):
    fixtures = ['licences.json']
    serialized_rollback = True

    def setUp(self):
        self.client = SocialClient()

    def tearDown(self):
        self.client.logout()

    def test_user_access_other_user(self):
        """
        Test that a user cannot edit/view another user application
        """
        customer1 = create_random_customer()
        customer2 = create_random_customer()
        self.assertNotEqual(customer1, customer2)

        application1 = helpers.create_application(user=customer1)
        application2 = helpers.create_application(user=customer2)
        self.assertNotEqual(application1, application2)

        # login as user1
        self.client.login(customer1.email)
        my_url = reverse('wl_applications:edit_application', args=[application1.pk])
        response = self.client.get(my_url)
        self.assertEqual(302, response.status_code)

        forbidden_urls = [
            reverse('wl_applications:edit_application', args=[application2.pk]),
        ]

        for forbidden_url in forbidden_urls:
            response = self.client.get(forbidden_url, follow=True)
            self.assertEqual(403, response.status_code)

    def test_user_access_lodged(self):
        """
        Once the application if lodged the user should not be able to edit it
        """
        customer1 = create_random_customer()
        self.client.login(customer1)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(1,)))

        application = Application.objects.first()
        self.assertIsNotNone(application)
        self.assertIsNotNone(application.applicant)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is new/underreview
        self.assertEqual(application.processing_status, 'new')
        self.assertEqual('under_review', application.customer_status)

        response = self.client.get(reverse('wl_applications:edit_application', args=[application.pk]), follow=True)
        self.assertEqual(403, response.status_code)

    def test_user_not_logged_is_redirected_to_login(self):
        """
        A user not logged in should be redirected to the login page and not see a 403
        """
        customer1 = create_random_customer()
        self.client.login(customer1)

        self.client.get(reverse('wl_applications:new_application'))
        self.client.get(reverse('wl_applications:select_licence_type', args=(1,)))

        application = Application.objects.first()
        self.assertIsNotNone(application)

        # check that the state of the application is temp
        self.assertEqual(application.processing_status, 'temp')

        response = self.client.post(reverse('wl_applications:preview'))

        # check that client is redirected to checkout
        self.assertRedirects(response, reverse('wl_payments:checkout_application', args=(application.pk,)),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)

        application.refresh_from_db()

        # check that the state of the application is new/underreview
        self.assertEqual(application.processing_status, 'new')
        self.assertEqual('under_review', application.customer_status)

        # logout
        self.client.logout()

        response = self.client.get(reverse('wl_applications:edit_application', args=[application.pk]), follow=True)
        self.assertEqual(200, response.status_code)
        self.assertTrue(is_login_page(response))
示例#28
0
class ReturnsTestCase(TestCase):
    fixtures = [
        'licences.json', 'countries.json', 'catalogue.json', 'partner.json',
        'returns.json'
    ]

    def setUp(self):
        self.customer = get_or_create_default_customer(
            include_default_profile=True)
        self.officer = get_or_create_default_officer()

        self.client = SocialClient()

        self.licence = create_licence(self.customer,
                                      self.officer,
                                      product_title='regulation-17')
        self.ret = create_return(self.licence)

    def tearDown(self):
        self.client.logout()

    def test_returns_lodgement_page(self):
        """Testing that a user can access the returns lodgement page"""

        self.client.login(self.customer.email)

        # check that client can access the licence type selection list
        response = self.client.get(
            reverse('wl_returns:enter_return', args=(self.ret.pk, )))
        self.assertEqual(200, response.status_code)

    def test_lodge_nil_return(self):
        """Testing that a user can log a nil return"""

        self.client.login(self.customer.email)

        post_params = {'nil': True, 'comments': 'No survey taken'}
        response = self.client.post(
            reverse('wl_returns:enter_return', args=(self.ret.pk, )),
            post_params)

        self.assertRedirects(response,
                             reverse('home'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

    def test_upload_return_spreadsheet(self):
        """Testing that a user can upload a return spreadsheet"""

        self.client.login(self.customer.email)

        with open(TEST_SPREADSHEET_PATH, 'rb') as fp:
            post_params = {'upload': True, 'spreadsheet_file': fp}
            response = self.client.post(
                reverse('wl_returns:enter_return', args=(self.ret.pk, )),
                post_params)

        self.assertEqual(200, response.status_code)

        # assert values in the response context match those in the spreadsheet
        for key, value in response.context['tables'][0]['data'][0].items():
            self.assertEqual(value['value'], TEST_VALUES[key])

    def test_lodge_return(self):
        """Testing that a user can lodge a return"""
        self.client.login(self.customer.email)

        # check return status is intially 'current'
        self.assertEqual(self.ret.status, 'current')

        post_params = {
            'lodge': True,
        }

        for key, value in TEST_VALUES.items():
            post_params['regulation-17::{}'.format(key)] = value

        response = self.client.post(
            reverse('wl_returns:enter_return', args=(self.ret.pk, )),
            post_params)

        self.assertRedirects(response,
                             reverse('home'),
                             status_code=302,
                             target_status_code=200,
                             fetch_redirect_response=False)

        self.ret.refresh_from_db()

        # check return status is 'submitted'
        self.assertEqual(self.ret.status, 'submitted')

        # assert values in the return is what is expected
        for key, value in self.ret.returntable_set.first().returnrow_set.first(
        ).data.items():
            self.assertEqual(value, str(TEST_VALUES[key]))
示例#29
0
class TestLifeCycle(TestCase):
    fixtures = ['licences.json', 'countries.json', 'catalogue.json', 'partner.json', 'returns.json']

    def setUp(self):
        self.customer = get_or_create_default_customer(include_default_profile=True)
        self.officer = get_or_create_default_officer()
        self.assessor = get_or_create_default_assessor()
        self.not_allowed_customer = create_random_customer()
        self.assertNotEqual(self.not_allowed_customer, self.customer)

        self.client = SocialClient()
        self.licence_type = get_or_create_licence_type('regulation-17')
        self.return_type = get_or_create_return_type(self.licence_type)

    def tearDown(self):
        self.client.logout()

    def _issue_licence(self, licence_data, **kwargs):
        application = app_helpers.create_and_lodge_application(self.customer, **{
            'applicant': kwargs.get('applicant', self.customer),
            'licence_type': kwargs.get('licence_type', self.licence_type)
        })
        self.assertIsNotNone(application)
        self.assertEqual(application.applicant, self.customer)
        self.assertIsNone(application.proxy_applicant)
        licence = app_helpers.issue_licence(
            application,
            kwargs.get('issuer', self.officer),
            licence_data=licence_data
        )
        self.assertEqual(licence.holder, self.customer)
        self.assertIsNotNone(licence)
        return licence

    def _lodge_reg17_return(self, ret, data=None):
        post_params = {
            'lodge': True,
        }
        data = data or TEST_VALUES
        for key, value in data.items():
            post_params['regulation-17::{}'.format(key)] = value

        holder = ret.licence.holder
        self.client.login(holder.email)
        response = self.client.post(reverse('wl_returns:enter_return', args=(ret.pk,)), post_params)
        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)
        ret.refresh_from_db()
        self.client.logout()
        return data

    def _create_and_lodge_return(self):
        start_date = date.today()
        end_date = start_date + relativedelta(months=2)  # 2 months licence
        licence_data = {
            'return_frequency': -1,  # one off
            'start_date': str(start_date),
            'end_date': str(end_date)
        }
        licence = self._issue_licence(licence_data)
        self.assertIsNotNone(licence)

        ret = Return.objects.first()
        expected_status = 'current'
        self.assertEqual(ret.status, expected_status)
        data = self._lodge_reg17_return(ret)
        expected_status = 'submitted'
        self.assertEqual(ret.status, expected_status)
        return ret, data

    def _create_lodge_and_amend_return(self):
        ret, data = self._create_and_lodge_return()
        expected_status = 'submitted'
        self.assertEqual(ret.status, expected_status)

        url = reverse('wl_returns:amendment_request')
        curator = self.officer
        self.client.login(curator.email)
        payload = {
            'ret': ret.pk,
            'officer': curator.pk,
            'reason': 'Chubby bat is not a valid species'
        }
        resp = self.client.post(url, data=payload)
        self.assertEqual(resp.status_code, 200)
        ret.refresh_from_db()
        expected_status = 'amendment_required'
        self.assertEqual(ret.status, expected_status)
        self.assertEqual(ret.pending_amendments_qs.count(), 1)
        self.client.logout()
        return ret

    def test_initial_states_with_future(self):
        """
        Test that after the licence has been created some returns has been created according to the return frequency
        and the licence end date
        """
        # issue licence
        # use a one year licence with a monthly return
        start_date = today = date.today()
        end_date = start_date + timedelta(days=366)
        licence_data = {
            'return_frequency': 1,
            'start_date': str(start_date),
            'end_date': str(end_date)
        }
        licence = self._issue_licence(licence_data)
        self.assertIsNotNone(licence)

        # 12 returns should have been created
        rets = Return.objects.all().order_by('due_date')
        self.assertEqual(rets.count(), 12)
        # the first one should be in a month with status 'current'
        current = rets.first()
        self.assertEqual(current.status, 'current')
        next_month = today + relativedelta(months=1)
        self.assertEqual(current.due_date, next_month)
        # the next ones should have the status 'future'
        futures = rets[1:]
        for i, future in enumerate(futures, start=1):
            self.assertEqual(future.status, 'future')
            expected_due_date = next_month + relativedelta(months=i)
            self.assertEqual(future.due_date, expected_due_date)

    def test_initial_one_off(self):
        """
        Test one off. One return due at the licence end date
        """
        start_date = date.today()
        end_date = start_date + relativedelta(months=2)  # 2 months licence
        licence_data = {
            'return_frequency': -1,  # one off
            'start_date': str(start_date),
            'end_date': str(end_date)
        }
        licence = self._issue_licence(licence_data)
        self.assertIsNotNone(licence)
        rets = Return.objects.all()
        self.assertEqual(rets.count(), 1)
        # the first one should be in a month with status 'current'
        current = rets.first()
        self.assertEqual(current.status, 'current')
        # due date should match the licence end date
        expected_due_date = end_date
        self.assertEqual(current.due_date, expected_due_date)

    def test_enter_return_happy_path(self):
        start_date = date.today()
        end_date = start_date + relativedelta(months=2)  # 2 months licence
        licence_data = {
            'return_frequency': -1,  # one off
            'start_date': str(start_date),
            'end_date': str(end_date)
        }
        licence = self._issue_licence(licence_data)
        self.assertIsNotNone(licence)

        ret = Return.objects.first()
        expected_status = 'current'
        self.assertEqual(ret.status, expected_status)
        self._lodge_reg17_return(ret)
        expected_status = 'submitted'
        self.assertEqual(ret.status, expected_status)

    def test_curate_happy_path(self):
        ret, data = self._create_and_lodge_return()
        expected_status = 'submitted'
        self.assertEqual(ret.status, expected_status)

        url = reverse('wl_returns:curate_return', args=(ret.pk,))
        curator = self.officer
        self.client.login(curator.email)

        # get method
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)
        # the return data is in a 'tables' context (one per return type).
        ctx = response.context
        self.assertTrue('tables' in ctx)
        # this return (reg-17) has only one table.
        tables = ctx['tables']
        self.assertEqual(len(tables), 1)
        table = tables[0]
        self.assertIsInstance(table, dict)
        self.assertEqual(sorted(['headers', 'data', 'name', 'title']), sorted(table.keys()))

        # verify data
        sent_data = table['data']
        # should be a list of rows
        self.assertIsInstance(sent_data, list)
        # we expect only one row
        self.assertEqual(len(sent_data), 1)
        sent_first_row = sent_data[0]
        self.assertIsInstance(sent_first_row, dict)
        # the values should match what the customer submitted
        expected_data = TEST_VALUES
        for expected_key, expected_value in expected_data.items():
            self.assertTrue(expected_key in sent_first_row, "{} not in sent data".format(expected_key))
            # each returned 'cell' contains the value and an error
            sent_cell = sent_first_row.get(expected_key)
            self.assertTrue('value' in sent_cell)
            self.assertTrue('error' in sent_cell)
            sent_value = sent_cell.get('value')
            sent_error = sent_cell.get('error')
            # we don't expect any error
            self.assertIsNone(sent_error)
            # all sent values are string
            expected_value = str(expected_value)
            self.assertEqual(sent_value, expected_value)

        # post method
        # changed the species name
        new_species = 'Chubby bat'
        data = TEST_VALUES
        data['SPECIES_NAME'] = new_species
        payload = {
            'accept': True
        }
        for key, value in data.items():
            payload['regulation-17::{}'.format(key)] = value
        response = self.client.post(url, data=payload)
        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)
        ret.refresh_from_db()
        expected_status = 'accepted'
        self.assertEqual(ret.status, expected_status)

        # check value
        data = ret.returntable_set.first().returnrow_set.first().data
        self.assertEqual(data.get('SPECIES_NAME'), new_species)

    def test_curate_request_amendments(self):
        """
        Test workflow when an officer requests a amendment to a return, especially the status change and verify that
        an email is sent to the user.
        """
        ret, data = self._create_and_lodge_return()
        expected_status = 'submitted'
        self.assertEqual(ret.status, expected_status)

        pending_amendments = ret.pending_amendments_qs
        self.assertEqual(pending_amendments.count(), 0)

        url = reverse('wl_returns:amendment_request')
        curator = self.officer
        self.client.login(curator.email)
        # important clear mailbox
        clear_mailbox()
        self.assertEqual(len(mail.outbox), 0)

        payload = {
            'ret': ret.pk,
            'officer': curator.pk,
            'reason': 'Chubby bat is not a valid species'
        }
        resp = self.client.post(url, data=payload)
        self.assertEqual(resp.status_code, 200)
        # expect a json response with the return amendment serialized
        resp_data = resp.json()
        self.assertTrue('amendment_request' in resp_data)
        # the reason should be returned
        self.assertEqual(resp_data['amendment_request'].get('reason'), payload['reason'])

        ret.refresh_from_db()
        expected_status = 'amendment_required'
        self.assertEqual(ret.status, expected_status)

        # we should have a pending amendment
        pending_amendments = ret.pending_amendments_qs
        self.assertEqual(pending_amendments.count(), 1)
        pending_amendment = pending_amendments.first()
        self.assertEqual(pending_amendment.status, 'requested')
        self.assertEqual(pending_amendment.officer, curator)
        self.assertEqual(pending_amendment.reason, payload['reason'])
        self.assertEqual(pending_amendment.ret, ret)

        # an email must have been sent to the applicant
        self.assertEqual(len(mail.outbox), 1)
        email = mail.outbox[0]
        self.assertEqual(len(email.to), 1)
        expected_address = ret.licence.profile.email
        self.assertEqual(email.to[0], expected_address)
        # the email body should contain a link to the edit return page
        # due to test environment we cannot use reverse or even host_reverse
        expected_url = "/returns/enter-return/{}".format(ret.pk)
        self.assertTrue(str(email.body).find(expected_url) > 0)

    def test_user_edit_after_amendments(self):
        """
        The user can edit and loge (amend) the return
        :return:
        """
        ret = self._create_lodge_and_amend_return()
        self._lodge_reg17_return(ret)
        expected_status = 'amended'
        self.assertEqual(ret.status, expected_status)
        self.assertEqual(ret.pending_amendments_qs.count(), 0)

    def test_curate_amended(self):
        """
        The officer can curate and accept an amended return
        :return:
        """
        # create/amend ...
        ret = self._create_lodge_and_amend_return()
        self._lodge_reg17_return(ret)
        expected_status = 'amended'
        self.assertEqual(ret.status, expected_status)
        self.assertEqual(ret.pending_amendments_qs.count(), 0)

        # officer curates: changed the species name
        url = reverse('wl_returns:curate_return', args=(ret.pk,))
        curator = self.officer
        self.client.login(curator.email)
        new_species = 'Chubby bat'
        data = TEST_VALUES
        data['SPECIES_NAME'] = new_species
        payload = {
            'accept': True
        }
        for key, value in data.items():
            payload['regulation-17::{}'.format(key)] = value
        response = self.client.post(url, data=payload)
        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)
        ret.refresh_from_db()
        expected_status = 'accepted'
        self.assertEqual(ret.status, expected_status)

    def test_declined_amended(self):
        """
        Test decline an amended return
        """
        # create/amend ...
        ret = self._create_lodge_and_amend_return()
        self._lodge_reg17_return(ret)
        expected_status = 'amended'
        self.assertEqual(ret.status, expected_status)
        self.assertEqual(ret.pending_amendments_qs.count(), 0)

        url = reverse('wl_returns:curate_return', args=(ret.pk,))
        curator = self.officer
        self.client.login(curator.email)
        payload = {
            'decline': True
        }
        response = self.client.post(url, data=payload)
        self.assertRedirects(response, reverse('home'),
                             status_code=302, target_status_code=200, fetch_redirect_response=False)
        ret.refresh_from_db()
        expected_status = 'declined'
        self.assertEqual(ret.status, expected_status)
示例#30
0
class TestViewAccess(TestCase):
    fixtures = ['licences.json', 'conditions.json', 'returns.json']

    def setUp(self):
        self.client = SocialClient()
        self.user = get_or_create_default_customer()
        self.officer = get_or_create_default_officer()
        self.application = app_helpers.create_and_lodge_application(self.user, **{
            'data': {
                'title': 'My Application'
            }
        })
        self.assessment = app_helpers.get_or_create_assessment(self.application)
        self.condition = Condition.objects.first()
        self.assessment_condition = AssessmentCondition.objects.create(assessment=self.assessment,
                                                                       condition=self.condition,
                                                                       order=1)

        self.urls_get = [
            reverse('wl_applications:enter_conditions', args=[self.application.pk]),
            reverse('wl_applications:search_conditions')
        ]

        self.urls_post = [
            {
                'url': reverse('wl_applications:create_condition', args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url': reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions', args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]

    def tearDown(self):
        self.client.logout()

    def test_customer_access(self):
        """
         A Customer cannot access any URL
        """
        # not logged-in
        for url in self.urls_get:
            response = self.client.get(url, follow=True)
            self.assertTrue(is_login_page(response))

        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertTrue(is_login_page(response))

        # logged-in. Should throw a 403 or redirect to login
        self.client.login(self.user.email)
        for url in self.urls_get:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302,
                                     target_status_code=200)
        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_customer'), status_code=302,
                                     target_status_code=200)

    def test_officer_access(self):
        """
        Officer should be able to access any views
        """
        self.client.login(self.officer.email)
        for url in self.urls_get:
            response = self.client.get(url, follow=False)
            self.assertEqual(200, response.status_code)
        for url in self.urls_post:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEquals(200, response.status_code)

    def test_assessor_access_limited(self):
        """
        Test that an assessor cannot edit an assessment that doesn't belong to their group
        All accessor can search conditions
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        self.assertFalse(get_user_assessor_groups(assessor))

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions', args=[self.application.pk]),
            reverse('wl_applications:enter_conditions_assessor', args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_forbidden = [
            {
                'url': reverse('wl_applications:create_condition', args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url': reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions', args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions_assessor',
                               args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('wl_applications:search_conditions')
        ]
        urls_post_allowed = [
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)

    def test_assessor_access_normal(self):
        """
        Test that an assessor can edit an assessment that belongs to their group
        """
        assessor = get_or_create_default_assessor()
        self.client.login(assessor.email)
        # This assessor doesn't belong to a group
        self.assertTrue(is_assessor(assessor))
        # add the assessor to the assessment group
        self.assertTrue(Assessment.objects.filter(application=self.application).count() > 0)
        for assessment in Assessment.objects.filter(application=self.application):
            add_assessor_to_assessor_group(assessor, assessment.assessor_group)

        # forbidden
        urls_get_forbidden = [
            reverse('wl_applications:enter_conditions', args=[self.application.pk]),
        ]
        urls_post_forbidden = [
            {
                'url': reverse('wl_applications:create_condition', args=[self.application.pk]),
                'data': {
                    'code': '123488374',
                    'text': 'condition text'
                }
            },
            {
                'url': reverse('wl_applications:set_assessment_condition_state'),
                'data': {
                    'assessmentConditionID': self.assessment_condition.pk,
                    'acceptanceStatus': 'accepted',
                }
            },
            {
                'url': reverse('wl_applications:enter_conditions', args=[self.application.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        # Allowed
        urls_get_allowed = [
            reverse('wl_applications:search_conditions'),
            reverse('wl_applications:enter_conditions_assessor', args=[self.application.pk, self.assessment.pk]),
        ]
        urls_post_allowed = [
            {
                'url': reverse('wl_applications:enter_conditions_assessor',
                               args=[self.application.pk, self.assessment.pk]),
                'data': {
                    'conditionID': [self.condition.pk],
                }
            },
        ]
        for url in urls_get_forbidden:
            response = self.client.get(url, follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_post_forbidden:
            response = self.client.post(url['url'], url['data'], follow=True)
            if response.status_code != 403:
                self.assertRedirects(response, reverse('wl_dashboard:tables_assessor'), status_code=302,
                                     target_status_code=200)
        for url in urls_get_allowed:
            response = self.client.get(url, follow=True)
            self.assertEqual(200, response.status_code)

        for url in urls_post_allowed:
            response = self.client.post(url['url'], url['data'], follow=True)
            self.assertEqual(200, response.status_code)