Merge pull request #809 from dod-ccpo/resource-finder

Resource finder
dandds
2019-05-10 06:07:45 -04:00
committed by GitHub
9 changed files with 191 additions and 83 deletions


@@ -153,7 +153,7 @@ def test_user_can_access_decorator_atat_level(set_current_user):
_access_activity_log()
def test_user_can_access_decorator_portfolio_level(set_current_user):
def test_user_can_access_decorator_portfolio_level(set_current_user, request_ctx):
ccpo = UserFactory.create_ccpo()
edit_admin = UserFactory.create()
view_admin = UserFactory.create()
@@ -162,6 +162,9 @@ def test_user_can_access_decorator_portfolio_level(set_current_user):
# factory gives view perms by default
PortfolioRoleFactory.create(user=view_admin, portfolio=portfolio)
request_ctx.g.portfolio = portfolio
request_ctx.g.application = None
@user_can_access_decorator(Permissions.EDIT_PORTFOLIO_NAME)
def _edit_portfolio_name(*args, **kwargs):
return True
@@ -177,7 +180,7 @@ def test_user_can_access_decorator_portfolio_level(set_current_user):
_edit_portfolio_name(portfolio_id=portfolio.id)
def test_user_can_access_decorator_application_level(set_current_user):
def test_user_can_access_decorator_application_level(set_current_user, request_ctx):
ccpo = UserFactory.create_ccpo()
port_admin = UserFactory.create()
app_user = UserFactory.create()
@@ -189,6 +192,9 @@ def test_user_can_access_decorator_application_level(set_current_user):
app = portfolio.applications[0]
ApplicationRoleFactory.create(application=app, user=app_user)
request_ctx.g.portfolio = portfolio
request_ctx.g.application = app
@user_can_access_decorator(Permissions.VIEW_APPLICATION)
def _stroll_into_mos_eisley(*args, **kwargs):
return True
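Review bot: Both tests now assign `request_ctx.g.portfolio` and `request_ctx.g.application` directly and never reset them, so the values can outlive the test if `request_ctx` is shared more widely than a single test function (its scope is not visible here). A portfolio or application left on `g` could let a later permission check pass for the wrong reason. Consider setting them through a fixture that clears them on teardown, as the `set_g` fixture added in the new context-processor test file does, and use it in both `test_user_can_access_decorator_portfolio_level` and `test_user_can_access_decorator_application_level`. Both test bodies continue outside the hunks shown.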


@@ -27,7 +27,9 @@ def test_existing_member_accepts_valid_invite(client, user_session):
assert len(Portfolios.for_user(user)) == 0
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
# user is redirected to the portfolio view
assert response.status_code == 302
@@ -68,7 +70,9 @@ def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=token)
)
# user is redirected to the portfolio view
assert response.status_code == 302
@@ -90,7 +94,9 @@ def test_member_accepts_invalid_invite(client, user_session):
user_id=user.id, role=ws_role, status=InvitationStatus.REJECTED_WRONG_USER
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
@@ -121,7 +127,9 @@ def test_user_accepts_invite_with_wrong_dod_id(client, user_session):
)
invite = PortfolioInvitationFactory.create(user_id=user.id, role=ws_role)
user_session(different_user)
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
@@ -139,7 +147,9 @@ def test_user_accepts_expired_invite(client, user_session):
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=invite.token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
@@ -161,7 +171,7 @@ def test_revoke_invitation(client, user_session):
url_for(
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
)
@@ -187,7 +197,7 @@ def test_user_can_only_revoke_invites_in_their_portfolio(client, user_session):
url_for(
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
)
@@ -213,7 +223,7 @@ def test_user_can_only_resend_invites_in_their_portfolio(client, user_session, q
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
)
@@ -235,7 +245,7 @@ def test_resend_invitation_sends_email(client, user_session, queue):
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
)
@@ -261,7 +271,7 @@ def test_existing_member_invite_resent_to_email_submitted_in_form(
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
)
@@ -295,7 +305,9 @@ def test_contracting_officer_accepts_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=token)
)
# user is redirected to the task order review page
assert response.status_code == 302
@@ -329,7 +341,9 @@ def test_cor_accepts_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=token)
)
# user is redirected to the task order review page
assert response.status_code == 302
@@ -363,7 +377,9 @@ def test_so_accepts_invite(monkeypatch, client, user_session):
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(user)
response = client.get(url_for("portfolios.accept_invitation", token=token))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=token)
)
# user is redirected to the task order review page
assert response.status_code == 302


@@ -78,9 +78,7 @@ def test_all_protected_routes_have_access_control(
monkeypatch.setattr(
"atst.domain.invitations.PortfolioInvitations._get", lambda *a: Mock()
)
monkeypatch.setattr(
"atst.utils.context_processors.get_portfolio_from_context", lambda *a: None
)
monkeypatch.setattr("atst.app.assign_resources", lambda *a: None)
# patch the internal function the access decorator uses so that
# we can check that it was called
@@ -413,7 +411,9 @@ def test_portfolios_resend_invitation_access(post_url_assert_status):
invite = PortfolioInvitationFactory.create(user=UserFactory.create(), role=prr)
url = url_for(
"portfolios.resend_invitation", portfolio_id=portfolio.id, token=invite.token
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
post_url_assert_status(ccpo, url, 302)
post_url_assert_status(owner, url, 302)
@@ -461,7 +461,7 @@ def test_portfolios_revoke_invitation_access(post_url_assert_status):
url = url_for(
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
token=invite.token,
portfolio_token=invite.token,
)
post_url_assert_status(user, url, status)
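Review bot: The new `monkeypatch.setattr("atst.app.assign_resources", lambda *a: None)` in `test_all_protected_routes_have_access_control` has no comment saying why resource assignment is disabled; the comment right after it only covers the access-decorator patch. This test appears to be the check that every protected route goes through access control, so a one-line comment would help, e.g. `# skip resource lookup; this test only checks that the access decorator is invoked` (wording to be confirmed against what `assign_resources` does). The stub also accepts positional arguments only; `lambda *a, **kw: None` would keep it working if the function is ever called with keywords. The test body starts and ends outside the hunk.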


@@ -0,0 +1,65 @@
import pytest
from atst.domain.permission_sets import PermissionSets
from atst.models import Permissions
from atst.utils.context_processors import get_resources_from_context, user_can_view
from tests.factories import *
def test_get_resources_from_context():
portfolio = PortfolioFactory.create()
task_order = TaskOrderFactory.create(portfolio=portfolio)
application = ApplicationFactory.create(portfolio=portfolio)
environment = EnvironmentFactory.create(application=application)
assert get_resources_from_context({"portfolio_id": portfolio.id}) == (portfolio,)
assert get_resources_from_context({"application_id": application.id}) == (
portfolio,
application,
)
assert get_resources_from_context({"environment_id": environment.id}) == (
portfolio,
application,
)
assert get_resources_from_context({"task_order_id": task_order.id}) == (
portfolio,
task_order,
)
@pytest.fixture
def set_g(request_ctx):
def _set_g(attr, val):
setattr(request_ctx.g, attr, val)
yield _set_g
setattr(request_ctx.g, "application", None)
setattr(request_ctx.g, "portfolio", None)
setattr(request_ctx.g, "current_user", None)
def test_user_can_view(set_g):
owner = UserFactory.create()
app_user = UserFactory.create()
rando = UserFactory.create()
portfolio = PortfolioFactory.create(owner=owner)
application = ApplicationFactory.create(portfolio=portfolio)
ApplicationRoleFactory.create(
user=app_user,
application=application,
permission_sets=PermissionSets.get_many([PermissionSets.VIEW_APPLICATION]),
)
set_g("portfolio", portfolio)
set_g("application", application)
set_g("current_user", owner)
assert user_can_view(Permissions.VIEW_APPLICATION)
set_g("current_user", app_user)
assert user_can_view(Permissions.VIEW_APPLICATION)
set_g("current_user", rando)
assert not user_can_view(Permissions.VIEW_APPLICATION)
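Review bot: `test_get_resources_from_context` covers only ids that exist and belong together; there is no assertion for an empty dict, an unknown id, or view args whose ids point at different portfolios. The resolved resources appear to feed `user_can_view` and the access decorator, so the behaviour in those cases should be pinned by a test, whatever the intended result is (the implementation is not visible here). Separately, the `set_g` teardown resets three hard-coded attribute names, so any other attribute set through `_set_g` stays on `g`; recording the names passed to `_set_g` and clearing exactly those would be safer. `from tests.factories import *` also hides which factories this file depends on.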