pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move test checking route access into test_access and rename test checking if route is working

Browse Source
This commit is contained in:
leigh-mil 2019-04-24 17:09:32 -04:00
parent 72cc12f195
commit 7f4a18a49b
2 changed files with 38 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
tests/routes/applications/test_settings.py
View File

@ -166,7 +166,7 @@ def test_user_without_permission_cannot_update_application(client, user_session)
assert application.description == "Cool stuff happening here!" assert application.description == "Cool stuff happening here!"
def test_user_with_permission_can_update_team_env_roles(client, user_session): def test_update_team_env_roles(client, user_session):
environment = EnvironmentFactory.create() environment = EnvironmentFactory.create()
application = environment.application application = environment.application
env_role_1 = EnvironmentRoleFactory.create( env_role_1 = EnvironmentRoleFactory.create(
@ -209,46 +209,6 @@ def test_user_with_permission_can_update_team_env_roles(client, user_session):
assert EnvironmentRoles.get(app_role.user.id, environment.id) assert EnvironmentRoles.get(app_role.user.id, environment.id)
def test_user_without_permission_cannot_update_team_env_roles(client, user_session):
environment = EnvironmentFactory.create()
application = environment.application
app_role_without_perms = ApplicationRoleFactory.create(application=application)
env_role_1 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
)
env_role_2 = EnvironmentRoleFactory.create(
environment=environment, role=CSPRole.BASIC_ACCESS.value
)
app_role = ApplicationRoleFactory.create(application=application)
form_data = {
"env_id": environment.id,
"team_roles-0-user_id": env_role_1.user.id,
"team_roles-0-name": env_role_1.user.full_name,
"team_roles-0-role": CSPRole.NETWORK_ADMIN.value,
"team_roles-1-user_id": env_role_2.user.id,
"team_roles-1-name": env_role_2.user.full_name,
"team_roles-1-role": "",
"team_roles-2-user_id": app_role.user.id,
"team_roles-2-name": app_role.user.full_name,
"team_roles-2-role": CSPRole.TECHNICAL_READ.value,
}
user_session(app_role_without_perms.user)
response = client.post(
url_for("applications.update_env_roles", environment_id=environment.id),
data=form_data,
follow_redirects=True,
)
assert response.status_code == 404
assert env_role_1.role == CSPRole.BASIC_ACCESS.value
assert (
EnvironmentRoles.get(env_role_2.user.id, environment.id).role
== CSPRole.BASIC_ACCESS.value
)
assert not EnvironmentRoles.get(app_role.user.id, environment.id)
def test_user_can_only_access_apps_in_their_portfolio(client, user_session): def test_user_can_only_access_apps_in_their_portfolio(client, user_session):
portfolio = PortfolioFactory.create() portfolio = PortfolioFactory.create()
other_portfolio = PortfolioFactory.create( other_portfolio = PortfolioFactory.create(

37
tests/test_access.py
View File

@ -8,12 +8,14 @@ import atst
from atst.app import make_app, make_config from atst.app import make_app, make_config
from atst.domain.auth import UNPROTECTED_ROUTES as _NO_LOGIN_REQUIRED from atst.domain.auth import UNPROTECTED_ROUTES as _NO_LOGIN_REQUIRED
from atst.domain.permission_sets import PermissionSets from atst.domain.permission_sets import PermissionSets
from atst.models.environment_role import CSPRole
from atst.models.portfolio_role import Status as PortfolioRoleStatus from atst.models.portfolio_role import Status as PortfolioRoleStatus
from tests.factories import ( from tests.factories import (
AttachmentFactory, AttachmentFactory,
ApplicationFactory, ApplicationFactory,
ApplicationRoleFactory, ApplicationRoleFactory,
EnvironmentFactory,
InvitationFactory, InvitationFactory,
PortfolioFactory, PortfolioFactory,
PortfolioRoleFactory, PortfolioRoleFactory,
@ -168,6 +170,41 @@ def test_applications_create_access(post_url_assert_status):
post_url_assert_status(rando, url, 404) post_url_assert_status(rando, url, 404)
# applications.update_env_roles
def test_applications_update_team_env_roles(post_url_assert_status):
ccpo = UserFactory.create_ccpo()
owner = user_with()
app_admin = user_with()
rando = user_with()
app_member = UserFactory.create()
portfolio = PortfolioFactory.create(
owner=owner, applications=[{"name": "mos eisley"}]
)
application = portfolio.applications[0]
environment = EnvironmentFactory.create(application=application)
ApplicationRoleFactory.create(
user=app_admin,
application=application,
permission_sets=PermissionSets.get_many(
[
PermissionSets.VIEW_APPLICATION,
PermissionSets.EDIT_APPLICATION_ENVIRONMENTS,
PermissionSets.EDIT_APPLICATION_TEAM,
PermissionSets.DELETE_APPLICATION_ENVIRONMENTS,
]
),
)
ApplicationRoleFactory.create(user=app_member)
url = url_for("applications.update_env_roles", environment_id=environment.id)
post_url_assert_status(ccpo, url, 302)
post_url_assert_status(owner, url, 302)
post_url_assert_status(app_admin, url, 302)
post_url_assert_status(rando, url, 404)
# portfolios.create_member # portfolios.create_member
def test_portfolios_create_member_access(post_url_assert_status): def test_portfolios_create_member_access(post_url_assert_status):
ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_ADMIN) ccpo = user_with(PermissionSets.EDIT_PORTFOLIO_ADMIN)