Merge branch 'master' into require-personal-info
This commit is contained in:
patricksmithdds
GitHub
62
tests/domain/test_invitations.py
Normal file
62
tests/domain/test_invitations.py
Normal file
@@ -0,0 +1,62 @@
|
||||
import datetime
|
||||
import pytest
|
||||
import re
|
||||
|
||||
from atst.domain.invitations import Invitations, InvitationError
|
||||
from atst.models.invitation import Status
|
||||
|
||||
from tests.factories import (
|
||||
WorkspaceFactory,
|
||||
WorkspaceRoleFactory,
|
||||
UserFactory,
|
||||
InvitationFactory,
|
||||
)
|
||||
|
||||
|
||||
def test_create_invitation():
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
|
||||
invite = Invitations.create(ws_role, workspace.owner, user)
|
||||
assert invite.user == user
|
||||
assert invite.workspace_role == ws_role
|
||||
assert invite.inviter == workspace.owner
|
||||
assert invite.status == Status.PENDING
|
||||
assert re.match(r"^[\w\-_]+$", invite.token)
|
||||
|
||||
|
||||
def test_accept_invitation():
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(user=user, workspace=workspace)
|
||||
invite = Invitations.create(ws_role, workspace.owner, user)
|
||||
assert invite.is_pending
|
||||
accepted_invite = Invitations.accept(invite.token)
|
||||
assert accepted_invite.is_accepted
|
||||
|
||||
|
||||
def test_accept_expired_invitation():
|
||||
user = UserFactory.create()
|
||||
increment = Invitations.EXPIRATION_LIMIT_MINUTES + 1
|
||||
expiration_time = datetime.datetime.now() - datetime.timedelta(minutes=increment)
|
||||
invite = InvitationFactory.create(
|
||||
user_id=user.id, expiration_time=expiration_time, status=Status.PENDING
|
||||
)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
|
||||
assert invite.is_rejected
|
||||
|
||||
|
||||
def test_accept_rejected_invite():
|
||||
user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id, status=Status.REJECTED)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
|
||||
|
||||
def test_accept_revoked_invite():
|
||||
user = UserFactory.create()
|
||||
invite = InvitationFactory.create(user_id=user.id, status=Status.REVOKED)
|
||||
with pytest.raises(InvitationError):
|
||||
Invitations.accept(invite.token)
|
||||
@@ -1,6 +1,14 @@
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.users import Users
|
||||
from tests.factories import WorkspaceFactory, UserFactory
|
||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||
from atst.domain.roles import Roles
|
||||
|
||||
from tests.factories import (
|
||||
WorkspaceFactory,
|
||||
UserFactory,
|
||||
InvitationFactory,
|
||||
WorkspaceRoleFactory,
|
||||
)
|
||||
|
||||
|
||||
def test_can_create_new_workspace_user():
|
||||
@@ -34,3 +42,24 @@ def test_can_update_existing_workspace_user():
|
||||
workspace_users[0].workspace_role.role.name
|
||||
== new_user.workspace_roles[0].role.name
|
||||
)
|
||||
|
||||
|
||||
def test_workspace_user_permissions():
|
||||
workspace_one = WorkspaceFactory.create()
|
||||
workspace_two = WorkspaceFactory.create()
|
||||
new_user = UserFactory.create()
|
||||
WorkspaceRoleFactory.create(
|
||||
workspace=workspace_one,
|
||||
user=new_user,
|
||||
role=Roles.get("developer"),
|
||||
status=WorkspaceRoleStatus.ACTIVE,
|
||||
)
|
||||
WorkspaceRoleFactory.create(
|
||||
workspace=workspace_two,
|
||||
user=new_user,
|
||||
role=Roles.get("developer"),
|
||||
status=WorkspaceRoleStatus.PENDING,
|
||||
)
|
||||
|
||||
assert WorkspaceUsers.workspace_user_permissions(workspace_one, new_user)
|
||||
assert not WorkspaceUsers.workspace_user_permissions(workspace_two, new_user)
|
||||
|
||||
@@ -6,8 +6,14 @@ from atst.domain.workspaces import Workspaces
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.projects import Projects
|
||||
from atst.domain.environments import Environments
|
||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||
|
||||
from tests.factories import RequestFactory, UserFactory
|
||||
from tests.factories import (
|
||||
RequestFactory,
|
||||
UserFactory,
|
||||
InvitationFactory,
|
||||
WorkspaceRoleFactory,
|
||||
)
|
||||
|
||||
|
||||
@pytest.fixture(scope="function")
|
||||
@@ -86,6 +92,23 @@ def test_can_create_workspace_user(workspace, workspace_owner):
|
||||
|
||||
new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
|
||||
assert new_member.workspace == workspace
|
||||
assert new_member.user.provisional
|
||||
|
||||
|
||||
def test_can_add_existing_user_to_workspace(workspace, workspace_owner):
|
||||
user = UserFactory.create()
|
||||
user_data = {
|
||||
"first_name": "New",
|
||||
"last_name": "User",
|
||||
"email": "new.user@mail.com",
|
||||
"workspace_role": "developer",
|
||||
"dod_id": user.dod_id,
|
||||
}
|
||||
|
||||
new_member = Workspaces.create_member(workspace_owner, workspace, user_data)
|
||||
assert new_member.workspace == workspace
|
||||
assert new_member.user.email == user.email
|
||||
assert not new_member.user.provisional
|
||||
|
||||
|
||||
def test_need_permission_to_create_workspace_user(workspace, workspace_owner):
|
||||
@@ -199,9 +222,10 @@ def test_scoped_workspace_returns_all_projects_for_workspace_admin(
|
||||
["dev", "staging", "prod"],
|
||||
)
|
||||
|
||||
admin = Workspaces.add_member(
|
||||
workspace, UserFactory.from_atat_role("default"), "admin"
|
||||
).user
|
||||
admin = UserFactory.from_atat_role("default")
|
||||
Workspaces._create_workspace_role(
|
||||
admin, workspace, "admin", status=WorkspaceRoleStatus.ACTIVE
|
||||
)
|
||||
scoped_workspace = Workspaces.get(admin, workspace.id)
|
||||
|
||||
assert len(scoped_workspace.projects) == 5
|
||||
@@ -226,13 +250,25 @@ def test_scoped_workspace_returns_all_projects_for_workspace_owner(
|
||||
assert len(scoped_workspace.projects[0].environments) == 3
|
||||
|
||||
|
||||
def test_for_user_returns_assigned_workspaces_for_user(workspace, workspace_owner):
|
||||
def test_for_user_returns_active_workspaces_for_user(workspace, workspace_owner):
|
||||
bob = UserFactory.from_atat_role("default")
|
||||
WorkspaceRoleFactory.create(
|
||||
user=bob, workspace=workspace, status=WorkspaceRoleStatus.ACTIVE
|
||||
)
|
||||
Workspaces.create(RequestFactory.create())
|
||||
|
||||
bobs_workspaces = Workspaces.for_user(bob)
|
||||
|
||||
assert len(bobs_workspaces) == 1
|
||||
|
||||
|
||||
def test_for_user_does_not_return_inactive_workspaces(workspace, workspace_owner):
|
||||
bob = UserFactory.from_atat_role("default")
|
||||
Workspaces.add_member(workspace, bob, "developer")
|
||||
Workspaces.create(RequestFactory.create())
|
||||
bobs_workspaces = Workspaces.for_user(bob)
|
||||
|
||||
assert len(bobs_workspaces) == 1
|
||||
assert len(bobs_workspaces) == 0
|
||||
|
||||
|
||||
def test_for_user_returns_all_workspaces_for_ccpo(workspace, workspace_owner):
|
||||
@@ -250,7 +286,9 @@ def test_get_for_update_information():
|
||||
assert workspace == owner_ws
|
||||
|
||||
admin = UserFactory.create()
|
||||
Workspaces.add_member(workspace, admin, "admin")
|
||||
Workspaces._create_workspace_role(
|
||||
admin, workspace, "admin", status=WorkspaceRoleStatus.ACTIVE
|
||||
)
|
||||
admin_ws = Workspaces.get_for_update_information(admin, workspace.id)
|
||||
assert workspace == admin_ws
|
||||
|
||||
|
||||
@@ -18,8 +18,11 @@ from atst.models.user import User
|
||||
from atst.models.role import Role
|
||||
from atst.models.workspace import Workspace
|
||||
from atst.domain.roles import Roles
|
||||
from atst.models.workspace_role import WorkspaceRole
|
||||
from atst.models.workspace_role import WorkspaceRole, Status as WorkspaceRoleStatus
|
||||
from atst.models.environment_role import EnvironmentRole
|
||||
from atst.models.invitation import Invitation, Status as InvitationStatus
|
||||
from atst.domain.workspaces import Workspaces
|
||||
from atst.domain.invitations import Invitations
|
||||
|
||||
|
||||
class Base(factory.alchemy.SQLAlchemyModelFactory):
|
||||
@@ -243,7 +246,7 @@ class WorkspaceFactory(Base):
|
||||
@classmethod
|
||||
def _create(cls, model_class, *args, **kwargs):
|
||||
with_projects = kwargs.pop("projects", [])
|
||||
owner = kwargs.pop("owner", None)
|
||||
owner = kwargs.pop("owner", UserFactory.create())
|
||||
members = kwargs.pop("members", [])
|
||||
|
||||
workspace = super()._create(model_class, *args, **kwargs)
|
||||
@@ -252,17 +255,22 @@ class WorkspaceFactory(Base):
|
||||
ProjectFactory.create(workspace=workspace, **p) for p in with_projects
|
||||
]
|
||||
|
||||
if owner:
|
||||
workspace.request.creator = owner
|
||||
WorkspaceRoleFactory.create(
|
||||
workspace=workspace, role=Roles.get("owner"), user=owner
|
||||
)
|
||||
workspace.request.creator = owner
|
||||
WorkspaceRoleFactory.create(
|
||||
workspace=workspace,
|
||||
role=Roles.get("owner"),
|
||||
user=owner,
|
||||
status=WorkspaceRoleStatus.ACTIVE,
|
||||
)
|
||||
|
||||
for member in members:
|
||||
user = member.get("user", UserFactory.create())
|
||||
role_name = member["role_name"]
|
||||
WorkspaceRoleFactory.create(
|
||||
workspace=workspace, role=Roles.get(role_name), user=user
|
||||
workspace=workspace,
|
||||
role=Roles.get(role_name),
|
||||
user=user,
|
||||
status=WorkspaceRoleStatus.ACTIVE,
|
||||
)
|
||||
|
||||
workspace.projects = projects
|
||||
@@ -325,3 +333,11 @@ class EnvironmentRoleFactory(Base):
|
||||
environment = factory.SubFactory(EnvironmentFactory)
|
||||
role = factory.Faker("name")
|
||||
user = factory.SubFactory(UserFactory)
|
||||
|
||||
|
||||
class InvitationFactory(Base):
|
||||
class Meta:
|
||||
model = Invitation
|
||||
|
||||
status = InvitationStatus.PENDING
|
||||
expiration_time = Invitations.current_expiration_time()
|
||||
|
||||
@@ -3,11 +3,8 @@ from atst.domain.workspaces import Workspaces
|
||||
|
||||
|
||||
def test_user_with_workspaces_has_workspaces_nav(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "developer")
|
||||
|
||||
user_session(user)
|
||||
user_session(workspace.owner)
|
||||
response = client.get("/home", follow_redirects=True)
|
||||
assert b'href="/workspaces"' in response.data
|
||||
|
||||
|
||||
@@ -1,20 +1,25 @@
|
||||
from flask import url_for
|
||||
|
||||
from tests.factories import UserFactory, WorkspaceFactory
|
||||
from tests.factories import (
|
||||
UserFactory,
|
||||
WorkspaceFactory,
|
||||
WorkspaceRoleFactory,
|
||||
InvitationFactory,
|
||||
)
|
||||
from atst.domain.workspaces import Workspaces
|
||||
from atst.domain.workspace_users import WorkspaceUsers
|
||||
from atst.domain.projects import Projects
|
||||
from atst.domain.environments import Environments
|
||||
from atst.domain.environment_roles import EnvironmentRoles
|
||||
from atst.models.workspace_user import WorkspaceUser
|
||||
from atst.models.workspace_role import Status as WorkspaceRoleStatus
|
||||
from atst.models.invitation import Status as InvitationStatus
|
||||
from atst.queue import queue
|
||||
|
||||
|
||||
def test_user_with_permission_has_budget_report_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "owner")
|
||||
|
||||
user_session(user)
|
||||
user_session(workspace.owner)
|
||||
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||
assert (
|
||||
'href="/workspaces/{}/reports"'.format(workspace.id).encode() in response.data
|
||||
@@ -24,7 +29,9 @@ def test_user_with_permission_has_budget_report_link(client, user_session):
|
||||
def test_user_without_permission_has_no_budget_report_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "developer")
|
||||
Workspaces._create_workspace_role(
|
||||
user, workspace, "developer", status=WorkspaceRoleStatus.ACTIVE
|
||||
)
|
||||
user_session(user)
|
||||
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||
assert (
|
||||
@@ -34,11 +41,8 @@ def test_user_without_permission_has_no_budget_report_link(client, user_session)
|
||||
|
||||
|
||||
def test_user_with_permission_has_add_project_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "owner")
|
||||
|
||||
user_session(user)
|
||||
user_session(workspace.owner)
|
||||
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||
assert (
|
||||
'href="/workspaces/{}/projects/new"'.format(workspace.id).encode()
|
||||
@@ -59,11 +63,8 @@ def test_user_without_permission_has_no_add_project_link(client, user_session):
|
||||
|
||||
|
||||
def test_user_with_permission_has_add_member_link(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "owner")
|
||||
|
||||
user_session(user)
|
||||
user_session(workspace.owner)
|
||||
response = client.get("/workspaces/{}/members".format(workspace.id))
|
||||
assert (
|
||||
'href="/workspaces/{}/members/new"'.format(workspace.id).encode()
|
||||
@@ -84,10 +85,8 @@ def test_user_without_permission_has_no_add_member_link(client, user_session):
|
||||
|
||||
|
||||
def test_update_workspace_name(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(user, workspace, "admin")
|
||||
user_session(user)
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for("workspaces.edit_workspace", workspace_id=workspace.id),
|
||||
data={"name": "a cool new name"},
|
||||
@@ -98,17 +97,15 @@ def test_update_workspace_name(client, user_session):
|
||||
|
||||
|
||||
def test_view_edit_project(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
project = Projects.create(
|
||||
owner,
|
||||
workspace.owner,
|
||||
workspace,
|
||||
"Snazzy Project",
|
||||
"A new project for me and my friends",
|
||||
{"env1", "env2"},
|
||||
)
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
response = client.get(
|
||||
"/workspaces/{}/projects/{}/edit".format(workspace.id, project.id)
|
||||
)
|
||||
@@ -176,11 +173,11 @@ def test_user_without_permission_cannot_update_project(client, user_session):
|
||||
|
||||
|
||||
def test_create_member(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
queue_length = len(queue.get_queue())
|
||||
|
||||
response = client.post(
|
||||
url_for("workspaces.create_member", workspace_id=workspace.id),
|
||||
data={
|
||||
@@ -195,6 +192,8 @@ def test_create_member(client, user_session):
|
||||
|
||||
assert response.status_code == 200
|
||||
assert user.has_workspaces
|
||||
assert user.invitations
|
||||
assert len(queue.get_queue()) == queue_length + 1
|
||||
|
||||
|
||||
def test_permissions_for_view_member(client, user_session):
|
||||
@@ -211,12 +210,10 @@ def test_permissions_for_view_member(client, user_session):
|
||||
|
||||
|
||||
def test_update_member_workspace_role(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
user = UserFactory.create()
|
||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
|
||||
@@ -229,12 +226,10 @@ def test_update_member_workspace_role(client, user_session):
|
||||
|
||||
|
||||
def test_update_member_workspace_role_with_no_data(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
user = UserFactory.create()
|
||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
|
||||
@@ -247,14 +242,11 @@ def test_update_member_workspace_role_with_no_data(client, user_session):
|
||||
|
||||
|
||||
def test_update_member_environment_role(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
|
||||
user = UserFactory.create()
|
||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
||||
project = Projects.create(
|
||||
owner,
|
||||
workspace.owner,
|
||||
workspace,
|
||||
"Snazzy Project",
|
||||
"A new project for me and my friends",
|
||||
@@ -264,7 +256,7 @@ def test_update_member_environment_role(client, user_session):
|
||||
env2_id = project.environments[1].id
|
||||
for env in project.environments:
|
||||
Environments.add_member(env, user, "developer")
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
|
||||
@@ -282,14 +274,11 @@ def test_update_member_environment_role(client, user_session):
|
||||
|
||||
|
||||
def test_update_member_environment_role_with_no_data(client, user_session):
|
||||
owner = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
Workspaces._create_workspace_role(owner, workspace, "admin")
|
||||
|
||||
user = UserFactory.create()
|
||||
member = WorkspaceUsers.add(user, workspace.id, "developer")
|
||||
project = Projects.create(
|
||||
owner,
|
||||
workspace.owner,
|
||||
workspace,
|
||||
"Snazzy Project",
|
||||
"A new project for me and my friends",
|
||||
@@ -298,7 +287,7 @@ def test_update_member_environment_role_with_no_data(client, user_session):
|
||||
env1_id = project.environments[0].id
|
||||
for env in project.environments:
|
||||
Environments.add_member(env, user, "developer")
|
||||
user_session(owner)
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for(
|
||||
"workspaces.update_member", workspace_id=workspace.id, member_id=user.id
|
||||
@@ -308,3 +297,61 @@ def test_update_member_environment_role_with_no_data(client, user_session):
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert EnvironmentRoles.get(user.id, env1_id).role == "developer"
|
||||
|
||||
|
||||
def test_new_member_accepts_valid_invite(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
workspace=workspace, user=user, status=WorkspaceRoleStatus.PENDING
|
||||
)
|
||||
invite = InvitationFactory.create(user_id=user.id, workspace_role_id=ws_role.id)
|
||||
|
||||
# the user does not have access to the workspace before accepting the invite
|
||||
assert len(Workspaces.for_user(user)) == 0
|
||||
|
||||
user_session(user)
|
||||
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
|
||||
|
||||
# user is redirected to the workspace view
|
||||
assert response.status_code == 302
|
||||
assert (
|
||||
url_for("workspaces.show_workspace", workspace_id=invite.workspace.id)
|
||||
in response.headers["Location"]
|
||||
)
|
||||
# the one-time use invite is no longer usable
|
||||
assert invite.is_accepted
|
||||
# the user has access to the workspace
|
||||
assert len(Workspaces.for_user(user)) == 1
|
||||
|
||||
|
||||
def test_new_member_accept_invalid_invite(client, user_session):
|
||||
workspace = WorkspaceFactory.create()
|
||||
user = UserFactory.create()
|
||||
ws_role = WorkspaceRoleFactory.create(
|
||||
user=user, workspace=workspace, status=WorkspaceRoleStatus.PENDING
|
||||
)
|
||||
invite = InvitationFactory.create(
|
||||
user_id=user.id, workspace_role_id=ws_role.id, status=InvitationStatus.REJECTED
|
||||
)
|
||||
user_session(user)
|
||||
response = client.get(url_for("workspaces.accept_invitation", token=invite.token))
|
||||
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_user_who_has_not_accepted_workspace_invite_cannot_view(client, user_session):
|
||||
user = UserFactory.create()
|
||||
workspace = WorkspaceFactory.create()
|
||||
|
||||
# create user in workspace with invitation
|
||||
user_session(workspace.owner)
|
||||
response = client.post(
|
||||
url_for("workspaces.create_member", workspace_id=workspace.id),
|
||||
data={"workspace_role": "developer", **user.to_dictionary()},
|
||||
)
|
||||
|
||||
# user tries to view workspace before accepting invitation
|
||||
user_session(user)
|
||||
response = client.get("/workspaces/{}/projects".format(workspace.id))
|
||||
assert response.status_code == 404
|
||||
|
||||
Reference in New Issue
Block a user