pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
atst/tests/routes/portfolios/test_invitations.py
dandds d7478e322a Use Celery instead of RQ. 
Celery provides a more robust set of queueing options for both tasks and
worker processes. Updates include:
- infrastructure necessary to run Celery, including celery entrypoint
- backgrounded functions are now imported directly from atst.jobs
- update tests as-needed
- update kubernetes worker pod command
2019-08-29 09:33:47 -04:00

322 lines
11 KiB
Python
Raw Blame History

import datetime
from unittest.mock import Mock
from flask import url_for
from atst.domain.portfolios import Portfolios
from atst.models import InvitationStatus, PortfolioRoleStatus
from atst.domain.permission_sets import PermissionSets
from tests.factories import *
def test_existing_member_accepts_valid_invite(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
role = PortfolioRoleFactory.create(
portfolio=portfolio, user=user, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(dod_id=user.dod_id, role=role)
# the user does not have access to the portfolio before accepting the invite
assert len(Portfolios.for_user(user)) == 0
user_session(user)
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
# user is redirected to the portfolio view
assert response.status_code == 302
assert (
url_for("applications.portfolio_applications", portfolio_id=invite.portfolio.id)
in response.headers["Location"]
)
# the one-time use invite is no longer usable
assert invite.is_accepted
# the user has access to the portfolio
assert len(Portfolios.for_user(user)) == 1
def test_new_member_accepts_valid_invite(monkeypatch, client, user_session):
portfolio = PortfolioFactory.create()
user_info = UserFactory.dictionary()
role = PortfolioRoleFactory.create(portfolio=portfolio)
invite = PortfolioInvitationFactory.create(role=role, dod_id=user_info["dod_id"])
monkeypatch.setattr(
"atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
)
user_session(UserFactory.create(dod_id=user_info["dod_id"]))
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
# user is redirected to the portfolio view
assert response.status_code == 302
assert (
url_for("applications.portfolio_applications", portfolio_id=portfolio.id)
in response.headers["Location"]
)
# the user has access to the portfolio
assert role.user.dod_id == user_info["dod_id"]
assert len(role.user.portfolio_roles) == 1
def test_member_accepts_invalid_invite(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id, role=ws_role, status=InvitationStatus.REJECTED_WRONG_USER
)
user_session(user)
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
def test_user_who_has_not_accepted_portfolio_invite_cannot_view(client, user_session):
user = UserFactory.create()
portfolio = PortfolioFactory.create()
# create user in portfolio with invitation
user_session(portfolio.owner)
response = client.post(
url_for("portfolios.invite_member", portfolio_id=portfolio.id),
data=user.to_dictionary(),
)
# user tries to view portfolio before accepting invitation
user_session(user)
response = client.get("/portfolios/{}/applications".format(portfolio.id))
assert response.status_code == 404
def test_user_accepts_invite_with_wrong_dod_id(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
different_user = UserFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(user_id=user.id, role=ws_role)
user_session(different_user)
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
def test_user_accepts_expired_invite(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id,
role=ws_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(user)
response = client.get(
url_for("portfolios.accept_invitation", portfolio_token=invite.token)
)
assert response.status_code == 404
def test_revoke_invitation(client, user_session):
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id,
role=ws_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
)
assert response.status_code == 302
assert invite.is_revoked
def test_user_can_only_revoke_invites_in_their_portfolio(client, user_session):
portfolio = PortfolioFactory.create()
other_portfolio = PortfolioFactory.create()
user = UserFactory.create()
portfolio_role = PortfolioRoleFactory.create(
user=user, portfolio=other_portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id,
role=portfolio_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.revoke_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
)
assert response.status_code == 404
assert not invite.is_revoked
def test_user_can_only_resend_invites_in_their_portfolio(
monkeypatch, client, user_session
):
job_mock = Mock()
monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)
portfolio = PortfolioFactory.create()
other_portfolio = PortfolioFactory.create()
user = UserFactory.create()
portfolio_role = PortfolioRoleFactory.create(
user=user, portfolio=other_portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id,
role=portfolio_role,
status=InvitationStatus.REJECTED_EXPIRED,
expiration_time=datetime.datetime.now() - datetime.timedelta(seconds=1),
)
user_session(portfolio.owner)
response = client.post(
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
)
assert response.status_code == 404
assert not job_mock.called
def test_resend_invitation_sends_email(monkeypatch, client, user_session):
job_mock = Mock()
monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)
user = UserFactory.create()
portfolio = PortfolioFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id, role=ws_role, status=InvitationStatus.PENDING
)
user_session(portfolio.owner)
client.post(
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
)
assert job_mock.called
def test_existing_member_invite_resent_to_email_submitted_in_form(
monkeypatch, client, user_session
):
job_mock = Mock()
monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)
portfolio = PortfolioFactory.create()
user = UserFactory.create()
ws_role = PortfolioRoleFactory.create(
user=user, portfolio=portfolio, status=PortfolioRoleStatus.PENDING
)
invite = PortfolioInvitationFactory.create(
user_id=user.id,
role=ws_role,
status=InvitationStatus.PENDING,
email="example@example.com",
)
user_session(portfolio.owner)
client.post(
url_for(
"portfolios.resend_invitation",
portfolio_id=portfolio.id,
portfolio_token=invite.token,
)
)
assert user.email != "example@example.com"
ordered_args, _unordered_args = job_mock.call_args
recipients, _subject, _message = ordered_args
assert recipients[0] == "example@example.com"
_DEFAULT_PERMS_FORM_DATA = {
"permission_sets-perms_app_mgmt": PermissionSets.VIEW_PORTFOLIO_APPLICATION_MANAGEMENT,
"permission_sets-perms_funding": PermissionSets.VIEW_PORTFOLIO_FUNDING,
"permission_sets-perms_reporting": PermissionSets.VIEW_PORTFOLIO_REPORTS,
"permission_sets-perms_portfolio_mgmt": PermissionSets.VIEW_PORTFOLIO_ADMIN,
}
def test_user_with_permission_has_add_member_link(client, user_session):
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.get(url_for("portfolios.admin", portfolio_id=portfolio.id))
assert response.status_code == 200
assert (
url_for("portfolios.invite_member", portfolio_id=portfolio.id).encode()
in response.data
)
def test_invite_member(monkeypatch, client, user_session, session):
job_mock = Mock()
monkeypatch.setattr("atst.jobs.send_mail.delay", job_mock)
user_data = UserFactory.dictionary()
portfolio = PortfolioFactory.create()
user_session(portfolio.owner)
response = client.post(
url_for("portfolios.invite_member", portfolio_id=portfolio.id),
data={
"user_data-dod_id": user_data.get("dod_id"),
"user_data-first_name": user_data.get("first_name"),
"user_data-last_name": user_data.get("last_name"),
"user_data-email": user_data.get("email"),
**_DEFAULT_PERMS_FORM_DATA,
},
follow_redirects=True,
)
assert response.status_code == 200
full_name = "{} {}".format(user_data.get("first_name"), user_data.get("last_name"))
assert full_name in response.data.decode()
invitation = (
session.query(PortfolioInvitation)
.filter_by(dod_id=user_data.get("dod_id"))
.one()
)
assert invitation.role.portfolio == portfolio
assert job_mock.called
assert len(invitation.role.permission_sets) == 5
Reference in New Issue View Git Blame Copy Permalink