pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use access specs

Browse Source
This commit is contained in:
George Drummond 2019-04-17 13:52:06 -04:00
parent e814f8904d
commit 52669a0265
No known key found for this signature in database
GPG Key ID: 296DD6077123BF17
2 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
tests/routes/portfolios/test_applications.py
View File

@ -351,7 +351,7 @@ def test_edit_application_scope(client, user_session):
assert response.status_code == 404 assert response.status_code == 404
def test_application_team_with_permissions(client, user_session): def test_application_team(client, user_session):
portfolio = PortfolioFactory.create() portfolio = PortfolioFactory.create()
application = ApplicationFactory.create(portfolio=portfolio) application = ApplicationFactory.create(portfolio=portfolio)
@ -366,21 +366,3 @@ def test_application_team_with_permissions(client, user_session):
) )
assert response.status_code == 200 assert response.status_code == 200
def test_application_team_without_permissions(client, user_session):
random_user = UserFactory.create()
portfolio = PortfolioFactory.create()
application = ApplicationFactory.create(portfolio=portfolio)
user_session(random_user)
response = client.get(
url_for(
"portfolios.application_team",
portfolio_id=portfolio.id,
application_id=application.id,
)
)
assert response.status_code == 404

19
tests/test_access.py
View File

@ -12,6 +12,7 @@ from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import ( from tests.factories import (
AttachmentFactory, AttachmentFactory,
ApplicationFactory,
ApplicationRoleFactory, ApplicationRoleFactory,
InvitationFactory, InvitationFactory,
PortfolioFactory, PortfolioFactory,
@ -815,3 +816,21 @@ def test_task_orders_update_access(post_url_assert_status):
post_url_assert_status(owner, url, 302) post_url_assert_status(owner, url, 302)
post_url_assert_status(ccpo, url, 302) post_url_assert_status(ccpo, url, 302)
post_url_assert_status(rando, url, 404) post_url_assert_status(rando, url, 404)
def test_portfolio_application_team_access(get_url_assert_status):
ccpo = UserFactory.create_ccpo()
rando = UserFactory.create()
portfolio = PortfolioFactory.create()
application = ApplicationFactory.create(portfolio=portfolio)
url = url_for(
"portfolios.application_team",
portfolio_id=portfolio.id,
application_id=application.id,
)
get_url_assert_status(ccpo, url, 200)
get_url_assert_status(portfolio.owner, url, 200)
get_url_assert_status(rando, url, 404)