diff --git a/atst/domain/audit_log.py b/atst/domain/audit_log.py index b15af1c3..41d931fa 100644 --- a/atst/domain/audit_log.py +++ b/atst/domain/audit_log.py @@ -24,8 +24,8 @@ class AuditEventQuery(Query): class AuditLog(object): @classmethod - def log_system_event(cls, resource, action): - return cls._log(resource=resource, action=action) + def log_system_event(cls, resource, action, workspace=None): + return cls._log(resource=resource, action=action, workspace=workspace) @classmethod def get_all_events(cls, user, pagination_opts=None): @@ -58,9 +58,10 @@ class AuditLog(object): return type(resource).__name__.lower() @classmethod - def _log(cls, user=None, workspace_id=None, resource=None, action=None): + def _log(cls, user=None, workspace=None, resource=None, action=None): resource_id = resource.id if resource else None resource_type = cls._resource_type(resource) if resource else None + workspace_id = workspace.id if workspace else None audit_event = AuditEventQuery.create( user=user, diff --git a/tests/domain/test_audit_log.py b/tests/domain/test_audit_log.py index 3e000dde..dcda0eab 100644 --- a/tests/domain/test_audit_log.py +++ b/tests/domain/test_audit_log.py @@ -2,7 +2,14 @@ import pytest from atst.domain.audit_log import AuditLog from atst.domain.exceptions import UnauthorizedError -from tests.factories import UserFactory +from atst.domain.roles import Roles +from atst.models.workspace_role import Status as WorkspaceRoleStatus +from tests.factories import ( + UserFactory, + WorkspaceFactory, + WorkspaceRoleFactory, + ProjectFactory, +) @pytest.fixture(scope="function") @@ -31,3 +38,65 @@ def test_paginate_audit_log(ccpo): events = AuditLog.get_all_events(ccpo, pagination_opts={"per_page": 25, "page": 2}) assert len(events) == 25 + + +def test_ccpo_can_view_ws_audit_log(ccpo): + workspace = WorkspaceFactory.create() + AuditLog.get_workspace_events(ccpo, workspace) + + +def test_ws_admin_can_view_ws_audit_log(): + workspace = WorkspaceFactory.create() + admin = UserFactory.create() + WorkspaceRoleFactory.create( + workspace=workspace, + user=admin, + role=Roles.get("admin"), + status=WorkspaceRoleStatus.ACTIVE, + ) + AuditLog.get_workspace_events(admin, workspace) + + +def test_ws_owner_can_view_ws_audit_log(): + workspace = WorkspaceFactory.create() + AuditLog.get_workspace_events(workspace.owner, workspace) + + +def test_other_users_cannot_view_ws_audit_log(): + with pytest.raises(UnauthorizedError): + workspace = WorkspaceFactory.create() + dev = UserFactory.create() + WorkspaceRoleFactory.create( + workspace=workspace, + user=dev, + role=Roles.get("developer"), + status=WorkspaceRoleStatus.ACTIVE, + ) + AuditLog.get_workspace_events(dev, workspace) + + +def test_paginate_ws_audit_log(): + workspace = WorkspaceFactory.create() + project = ProjectFactory.create(workspace=workspace) + for _ in range(100): + AuditLog.log_system_event( + resource=project, action="create", workspace=workspace + ) + + events = AuditLog.get_workspace_events( + workspace.owner, workspace, pagination_opts={"per_page": 25, "page": 2} + ) + assert len(events) == 25 + + +def test_ws_audit_log_only_includes_current_ws_events(): + owner = UserFactory.create() + workspace = WorkspaceFactory.create(owner=owner) + other_workspace = WorkspaceFactory.create(owner=owner) + # Add some audit events + project_1 = ProjectFactory.create(workspace=workspace) + project_2 = ProjectFactory.create(workspace=other_workspace) + + events = AuditLog.get_workspace_events(workspace.owner, workspace) + for event in events: + assert event.workspace_id == workspace.id diff --git a/tests/routes/workspaces/test_projects.py b/tests/routes/workspaces/test_projects.py index af697c3c..7d8f5ae7 100644 --- a/tests/routes/workspaces/test_projects.py +++ b/tests/routes/workspaces/test_projects.py @@ -1,5 +1,6 @@ from flask import url_for +<<<<<<< HEAD from tests.factories import ( UserFactory, WorkspaceFactory, @@ -8,8 +9,12 @@ from tests.factories import ( EnvironmentFactory, ProjectFactory, ) +======= +from tests.factories import UserFactory, WorkspaceFactory, WorkspaceRoleFactory +>>>>>>> Add tests from atst.domain.projects import Projects from atst.domain.workspaces import Workspaces +from atst.domain.roles import Roles from atst.models.workspace_role import Status as WorkspaceRoleStatus @@ -36,6 +41,55 @@ def test_user_without_permission_has_no_budget_report_link(client, user_session) ) +def test_user_with_permission_has_activity_log_link(client, user_session): + workspace = WorkspaceFactory.create() + ccpo = UserFactory.from_atat_role("ccpo") + admin = UserFactory.create() + WorkspaceRoleFactory.create( + workspace=workspace, + user=admin, + role=Roles.get("admin"), + status=WorkspaceRoleStatus.ACTIVE, + ) + + user_session(workspace.owner) + response = client.get("/workspaces/{}/projects".format(workspace.id)) + assert ( + 'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data + ) + + # logs out previous user before creating a new session + user_session(admin) + response = client.get("/workspaces/{}/projects".format(workspace.id)) + assert ( + 'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data + ) + + user_session(ccpo) + response = client.get("/workspaces/{}/projects".format(workspace.id)) + assert ( + 'href="/workspaces/{}/activity"'.format(workspace.id).encode() in response.data + ) + + +def test_user_without_permission_has_no_activity_log_link(client, user_session): + workspace = WorkspaceFactory.create() + developer = UserFactory.create() + WorkspaceRoleFactory.create( + workspace=workspace, + user=developer, + role=Roles.get("developer"), + status=WorkspaceRoleStatus.ACTIVE, + ) + + user_session(developer) + response = client.get("/workspaces/{}/projects".format(workspace.id)) + assert ( + 'href="/workspaces/{}/activity"'.format(workspace.id).encode() + not in response.data + ) + + def test_user_with_permission_has_add_project_link(client, user_session): workspace = WorkspaceFactory.create() user_session(workspace.owner)