pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

check user is ccpo for request approval page

Browse Source
This commit is contained in:
dandds
2018-09-06 10:36:06 -04:00
parent 0391348b5d
commit 8f97fc4cbf
3 changed files with 47 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
tests/routes/test_request_approval.py
View File

@@ -2,11 +2,28 @@ import os
from flask import url_for
from atst.models.attachment import Attachment
from atst.domain.roles import Roles
from tests.factories import RequestFactory, TaskOrderFactory, UserFactory
def test_approval():
pass
def test_ccpo_can_view_approval(user_session, client):
ccpo = Roles.get("ccpo")
user = UserFactory.create(atat_role=ccpo)
user_session(user)
request = RequestFactory.create()
response = client.get(url_for("requests.approval", request_id=request.id))
assert response.status_code == 200
def test_non_ccpo_cannot_view_approval(user_session, client):
user = UserFactory.create()
user_session(user)
request = RequestFactory.create(creator=user)
response = client.get(url_for("requests.approval", request_id=request.id))
assert response.status_code == 404
def test_task_order_download(app, client, user_session, pdf_upload):
@@ -21,12 +38,16 @@ def test_task_order_download(app, client, user_session, pdf_upload):
pdf_upload.seek(0)
pdf_content = pdf_upload.read()
pdf_upload.close()
full_path = os.path.join(app.config.get("STORAGE_CONTAINER"), attachment.object_name)
full_path = os.path.join(
app.config.get("STORAGE_CONTAINER"), attachment.object_name
)
with open(full_path, "wb") as output_file:
output_file.write(pdf_content)
output_file.flush()
response = client.get(url_for("requests.task_order_pdf_download", request_id=request.id))
response = client.get(
url_for("requests.task_order_pdf_download", request_id=request.id)
)
assert response.data == pdf_content
@@ -34,5 +55,7 @@ def test_task_order_download_does_not_exist(client, user_session):
user = UserFactory.create()
user_session(user)
request = RequestFactory.create(creator=user)
response = client.get(url_for("requests.task_order_pdf_download", request_id=request.id))
response = client.get(
url_for("requests.task_order_pdf_download", request_id=request.id)
)
assert response.status_code == 404