Automatic audit logging using SQLA events

2018-09-19 11:41:27 -04:00
parent b7a33de29d
commit ddc2e2fad7
27 changed files with 346 additions and 26 deletions
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -9,6 +9,7 @@ from tempfile import TemporaryDirectory

 from atst.app import make_app, make_config
 from atst.database import db as _db
+from atst.domain.auth import logout
 import tests.factories as factories
 from tests.mocks import PDF_FILENAME

@@ -108,7 +109,7 @@ def user_session(monkeypatch, session):
    def set_user_session(user=None):
        monkeypatch.setattr(
            "atst.domain.auth.get_current_user",
-            lambda *args: user or factories.UserFactory.build(),
+            lambda *args: user or factories.UserFactory.create(),
        )

    return set_user_session
--- a/tests/domain/test_audit_log.py
+++ b/tests/domain/test_audit_log.py
@@ -0,0 +1,20 @@
+import pytest
+
+from atst.domain.audit_log import AuditLog
+from atst.domain.exceptions import UnauthorizedError
+from tests.factories import UserFactory
+
+
+@pytest.fixture(scope="function")
+def ccpo():
+    return UserFactory.from_atat_role("ccpo")
+
+
+@pytest.fixture(scope="function")
+def developer():
+    return UserFactory.from_atat_role("default")
+
+
+def test_non_admin_cannot_view_audit_log(developer):
+    with pytest.raises(UnauthorizedError):
+        AuditLog.get_all_events(developer)
--- a/tests/domain/test_projects.py
+++ b/tests/domain/test_projects.py
@@ -1,10 +1,11 @@
 from atst.domain.projects import Projects
-from atst.domain.workspaces import Workspaces
 from tests.factories import RequestFactory
+from atst.domain.workspaces import Workspaces


 def test_create_project_with_multiple_environments():
-    workspace = Workspaces.create(RequestFactory.create())
+    request = RequestFactory.create()
+    workspace = Workspaces.create(request)
    project = Projects.create(
        workspace.owner, workspace, "My Test Project", "Test", ["dev", "prod"]
    )
--- a/tests/routes/test_financial_verification.py
+++ b/tests/routes/test_financial_verification.py
@@ -133,7 +133,7 @@ class TestPENumberInForm:
        request = RequestFactory.create(creator=user)
        monkeypatch.setattr("atst.domain.requests.Requests.get", lambda *args: request)
        monkeypatch.setattr("atst.forms.financial.validate_pe_id", lambda *args: True)
-        user_session()
+        user_session(user)
        data = {**self.required_data, **extended_financial_verification_data}
        data["task_order_number"] = "1234567"