mirror/peeringdb-peeringdb
1
0
Fork 0
mirror of https://github.com/peeringdb/peeringdb.git synced 2024-05-11 05:55:09 +00:00
Code Releases Activity
Files
09b4759b0299f1ff2d0a8d27384eb8c521cd7ec9
peeringdb-peeringdb/tests/test_orgadmin.py

631 lines
22 KiB
Python
Raw Normal View History

initial commit of code
2018-11-08 19:45:21 +00:00
import pytest
import json
from django.test import Client, TestCase, RequestFactory
from django.contrib.auth.models import Group
import peeringdb_server.models as models
import peeringdb_server.org_admin_views as org_admin
import peeringdb_server.views as views
from django_namespace_perms.constants import PERM_CREATE, PERM_DELETE
class OrgAdminTests(TestCase):
"""
Test organization administration functionality, such as
org admins permissioning users and approving or denying
affiliation requests
"""
entities = ["ix", "net", "fac"]
@classmethod
def setUpTestData(cls):
# create user and guest group
guest_group = Group.objects.create(name="guest")
user_group = Group.objects.create(name="user")
# create test users
for name in [
black formatted
2019-12-05 16:57:52 +00:00
"org_admin",
"user_a",
"user_b",
"user_c",
"user_d",
"user_e",
"user_f",
initial commit of code
2018-11-08 19:45:21 +00:00
]:
black formatted
2019-12-05 16:57:52 +00:00
setattr(
cls,
name,
models.User.objects.create_user(name, "%s@localhost" % name, name),
)
initial commit of code
2018-11-08 19:45:21 +00:00
getattr(cls, name).set_password(name)
# create test org
black formatted
2019-12-05 16:57:52 +00:00
cls.org = models.Organization.objects.create(name="Test org", status="ok")
initial commit of code
2018-11-08 19:45:21 +00:00
cls.org_other = models.Organization.objects.create(
black formatted
2019-12-05 16:57:52 +00:00
name="Test org other", status="ok"
)
initial commit of code
2018-11-08 19:45:21 +00:00
# create test entities
for tag in cls.entities:
kwargs = {"name": "Test %s" % tag, "status": "ok", "org": cls.org}
if tag == "net":
kwargs.update(asn=1)
setattr(cls, tag, models.REFTAG_MAP[tag].objects.create(**kwargs))
# add org_admin user to org as admin
cls.org.admin_usergroup.user_set.add(cls.org_admin)
# add user_a user to org as member
cls.org.usergroup.user_set.add(cls.user_a)
cls.org_other.usergroup.user_set.add(cls.user_b)
def setUp(self):
self.factory = RequestFactory()
def test_users(self):
"""
Tests the result of org_admin_views.users
"""
# test #1 - return a json response with the user we added to the org's member
# usergroup
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.get("/org-admin/users?org_id=%d" % (self.org.id))
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
resp = json.loads(org_admin.users(request).content)
self.assertEqual(resp["status"], "ok")
black formatted
2019-12-05 16:57:52 +00:00
self.assertEqual(
resp["users"],
[
{
"id": self.user_a.id,
"name": "%s <%s, %s>"
% (self.user_a.full_name, self.user_a.email, self.user_a.username),
}
],
)
initial commit of code
2018-11-08 19:45:21 +00:00
# test #2 - return 403 response when trying to access the org where org_admin
# is not administrator
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.get("/org-admin/users?org_id=%d" % (self.org_other.id))
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
resp = org_admin.users(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
def test_load_all_user_permissions(self):
"""
Test the result of org_admin_views.load_all_user_permissions
"""
uid = self.user_a.id
perms = {
uid: {
black formatted
2019-12-05 16:57:52 +00:00
"perms": {"net.%d" % self.net.id: 0x01, "fac": 0x03},
initial commit of code
2018-11-08 19:45:21 +00:00
"id": self.user_a.id,
black formatted
2019-12-05 16:57:52 +00:00
"name": "%s <%s> %s"
% (self.user_a.full_name, self.user_a.email, self.user_a.username),
initial commit of code
2018-11-08 19:45:21 +00:00
}
}
black formatted
2019-12-05 16:57:52 +00:00
org_admin.save_user_permissions(self.org, self.user_a, perms[uid]["perms"])
initial commit of code
2018-11-08 19:45:21 +00:00
perms_all = org_admin.load_all_user_permissions(self.org)
self.assertEqual(perms_all, perms)
def test_user_permissions_update_remove(self):
"""
Test the result of org_admin_views.user_permissions_update
Test the result of org_admin_views.user_permissions_remove
"""
# Test #1 - test updating a user a's permission to the org
url = "/org-admin/user_permissions/update?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org.id,
self.user_a.id,
)
request = self.factory.post(
url, data={"entity": "net.%d" % self.net.id, "perms": 0x03}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_update(request)
self.assertEqual(json.loads(resp.content).get("status"), "ok")
# test that the perms we just updated saved correctly
uperms, perms = org_admin.load_user_permissions(self.org, self.user_a)
self.assertEqual(perms, {"net.%d" % self.net.id: 0x03})
# Test #2 - should not be allowed to update user b's perms as he is not a member of
# the org
url = "/org-admin/user_permissions/update?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org.id,
self.user_b.id,
)
request = self.factory.post(
url, data={"entity": "net.%d" % self.net.id, "perms": 0x03}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_update(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
# Test #3 - should not be allowed to update user b's perms because we are not
# the admin of his org
url = "/org-admin/user_permissions/update?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org_other.id,
self.user_b.id,
)
request = self.factory.post(
url, data={"entity": "net.%d" % self.net.id, "perms": 0x03}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_update(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
# Test #4 - remove the permissions we just added
url = "/org-admin/user_permissions/remove?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org.id,
self.user_a.id,
)
request = self.factory.post(url, data={"entity": "net.%d" % self.net.id})
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_remove(request)
self.assertEqual(json.loads(resp.content).get("status"), "ok")
# test that the perms we just removed saved correctly
uperms, perms = org_admin.load_user_permissions(self.org, self.user_a)
self.assertEqual(perms, {})
# Test #5 - should not be allowed remove user b's permissions as he
# is not a member of the org
url = "/org-admin/user_permissions/remove?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org.id,
self.user_b.id,
)
request = self.factory.post(url, data={"entity": "net.%d" % self.net.id})
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_remove(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
# Test #6 - should not be allowed to remove user b's permissions as we
# are not the admin of his org
url = "/org-admin/user_permissions/remove?org_id=%d&user_id=%d" % (
black formatted
2019-12-05 16:57:52 +00:00
self.org_other.id,
self.user_b.id,
)
request = self.factory.post(url, data={"entity": "net.%d" % self.net.id})
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.user_permission_remove(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
def test_user_permissions(self):
"""
Test the result of org_admin_views.user_permissions
Test org_admin_views.save_user_permissions
Test org_admin_views.load_user_permissions
"""
# Test #1 - test user a's permission to the org
request = self.factory.get(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/user_permissions?org_id=%d" % (self.org.id)
)
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
uid = str(self.user_a.id)
# we make some temporary perms for user_a
perms = {uid: {"net.%d" % self.net.id: 0x01, "fac": 0x03}}
org_admin.save_user_permissions(self.org, self.user_a, perms[uid])
resp = json.loads(org_admin.user_permissions(request).content)
self.assertEqual(resp["status"], "ok")
self.assertEqual(resp["user_permissions"], perms)
# Test #2 - clear the perms we just made for this test
org_admin.save_user_permissions(self.org, self.user_a, {})
resp = json.loads(org_admin.user_permissions(request).content)
self.assertEqual(resp["status"], "ok")
self.assertEqual(resp["user_permissions"], {uid: {}})
# Test #5 - no permissions to org
request = self.factory.get(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/user_permissions?org_id=%d" % (self.org_other.id)
)
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
resp = org_admin.user_permissions(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
def test_org_admin_tools(self):
"""
Test that users with create / delete permissions have access to the tools
on the org management page
"""
for tag in ["fac", "net", "ix"]:
black formatted
2019-12-05 16:57:52 +00:00
org_admin.save_user_permissions(self.org, self.user_a, {tag: PERM_CREATE})
initial commit of code
2018-11-08 19:45:21 +00:00
c = Client()
c.login(username=self.user_a.username, password="user_a")
resp = c.get("/org/%d" % self.org.id, follow=True)
Qu1003 (#621) * use new peeringdb client (1.0.0) for pdb_load_data sync (#599) * drop django-mobi for lack of py3/dj2 support (#492) remove django-forms-bootstrap for lack of py3/dj2 support (#492) * black formatted * django2.2 and py3 upgrade (#492) * drop ixlans (#21) ui and api changes * drop local_asn (#168) * org search (#193) * phone number validation (#50) * implement help text tooltips (#228) * Mark own ASN as transit-free (#394) * py3 fix for `pdb_migrate_ixlans` command when writing migration report * pdb_migrate_ixlans: properly handle py3 Runtime error if ixlan dict changes during iteration * set rest DEFAULT_SCHEMA_CLASS to coreapi to fix swagger apidocs fix migration 0027 missing from facsimile manifest * fix swagger doc strings * fix tests that were broken from api doc fixes * fix UniqueFieldValidator for netixlan ipaddress validation that broke during django/drf upgrade * fix org merge tool layout issues * travis config * update pipfile and lock * black formatting * update travis dist * beta mode banner (#411) * add beta banner template (#411) * automatically scheduled sync may not always be on, add a flag that lets us reflect that state in the beta banner message clean up beta banner implementation (#411) * add tests for beta banner (#411)
2020-01-08 13:29:58 -06:00
print(resp)
initial commit of code
2018-11-08 19:45:21 +00:00
for _tag in ["fac", "net", "ix"]:
if _tag != tag:
Qu1003 (#621) * use new peeringdb client (1.0.0) for pdb_load_data sync (#599) * drop django-mobi for lack of py3/dj2 support (#492) remove django-forms-bootstrap for lack of py3/dj2 support (#492) * black formatted * django2.2 and py3 upgrade (#492) * drop ixlans (#21) ui and api changes * drop local_asn (#168) * org search (#193) * phone number validation (#50) * implement help text tooltips (#228) * Mark own ASN as transit-free (#394) * py3 fix for `pdb_migrate_ixlans` command when writing migration report * pdb_migrate_ixlans: properly handle py3 Runtime error if ixlan dict changes during iteration * set rest DEFAULT_SCHEMA_CLASS to coreapi to fix swagger apidocs fix migration 0027 missing from facsimile manifest * fix swagger doc strings * fix tests that were broken from api doc fixes * fix UniqueFieldValidator for netixlan ipaddress validation that broke during django/drf upgrade * fix org merge tool layout issues * travis config * update pipfile and lock * black formatting * update travis dist * beta mode banner (#411) * add beta banner template (#411) * automatically scheduled sync may not always be on, add a flag that lets us reflect that state in the beta banner message clean up beta banner implementation (#411) * add tests for beta banner (#411)
2020-01-08 13:29:58 -06:00
assert "#add_{}".format(_tag) not in resp.content.decode()
assert "#add_{}".format(tag) in resp.content.decode()
initial commit of code
2018-11-08 19:45:21 +00:00
def test_manage_user_delete(self):
"""
Test the result of org_admin_views.manager_user_delete
"""
self.org.admin_usergroup.user_set.add(self.user_e)
self.org.usergroup.user_set.add(self.user_f)
# make sure that user f is currently member and not admin
self.assertEqual(self.user_f.is_org_member(self.org), True)
self.assertEqual(self.user_f.is_org_admin(self.org), False)
self.assertEqual(self.user_e.is_org_member(self.org), False)
self.assertEqual(self.user_e.is_org_admin(self.org), True)
# test #1 - remove user f (member) from org
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/delete",
{"org_id": self.org.id, "user_id": self.user_f.id},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_delete(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_f.is_org_member(self.org), False)
self.assertEqual(self.user_f.is_org_admin(self.org), False)
# test #2 - remove user e (admin) from org
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/delete",
{"org_id": self.org.id, "user_id": self.user_e.id},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_delete(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_e.is_org_member(self.org), False)
self.assertEqual(self.user_e.is_org_admin(self.org), False)
# test #3 - fail on user that is not currently in org
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/delete",
{"org_id": self.org.id, "user_id": self.user_d.id},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_delete(request)
self.assertEqual(resp.status_code, 403)
# test #3 - fail on org that you are not an admin of
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/delete",
{"org_id": self.org_other.id, "user_id": self.user_d.id},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_delete(request)
self.assertEqual(resp.status_code, 403)
def test_manage_user_update(self):
"""
Test the result of org_admin_views.manage_user_update
"""
# make sure that user a is currently member and not admin
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #1 - move user a to admin group
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/update",
{"org_id": self.org.id, "user_id": self.user_a.id, "group": "admin"},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), False)
self.assertEqual(self.user_a.is_org_admin(self.org), True)
# test #2 move back to member group
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/update",
{"org_id": self.org.id, "user_id": self.user_a.id, "group": "member"},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(json.loads(resp.content), {"status": "ok"})
self.user_a.refresh_from_db()
self.assertEqual(self.user_a.is_org_member(self.org), True)
self.assertEqual(self.user_a.is_org_admin(self.org), False)
# test #3 - fail on user that is not currently in org
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.post(
"/org-admin/manage_user/update",
{"org_id": self.org.id, "user_id": self.user_d.id, "group": "member"},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)
# test #3 - fail on org that you are not an admin of
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/manage_user/update",
{"org_id": self.org_other.id, "user_id": self.user_d.id, "group": "admin"},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.manage_user_update(request)
self.assertEqual(resp.status_code, 403)
def test_permissions(self):
"""
Test the result of org_admin_views.permissions
"""
# Test #1 - retrieve permissioning ids for org
black formatted
2019-12-05 16:57:52 +00:00
request = self.factory.get("/org-admin/permissions?org_id=%d" % self.org.id)
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
resp = json.loads(org_admin.permissions(request).content)
self.assertEqual(resp["status"], "ok")
ids = dict([(r["id"], r["name"]) for r in resp["permissions"]])
self.assertEqual(len(ids), 7)
self.assertIn("org.%d" % self.org.id, ids)
self.assertIn("ix.%d" % self.ix.id, ids)
self.assertIn("net.%d" % self.net.id, ids)
self.assertIn("fac.%d" % self.fac.id, ids)
# Test #2 - cannot retrieve ids for other org as we are not admin
request = self.factory.get(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/permissions?org_id=%d" % self.org_other.id
)
initial commit of code
2018-11-08 19:45:21 +00:00
request.user = self.org_admin
resp = org_admin.permissions(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
def test_permission_ids(self):
"""
Test the result of org_admin_views.permission_ids
"""
ids = org_admin.permission_ids(self.org)
self.assertEqual(type(ids), dict)
self.assertEqual(len(ids), 7)
self.assertIn("org.%d" % self.org.id, ids)
self.assertIn("ix.%d" % self.ix.id, ids)
self.assertIn("net.%d" % self.net.id, ids)
self.assertIn("fac.%d" % self.fac.id, ids)
def test_extract_permission_id(self):
"""
Test the result of org_admin_views.extract_permission_id
"""
# extract permission ids to here
dest = {}
# prepare source dict with nsp namespaces
source = {
self.net.nsp_namespace: 0x01,
self.ix.nsp_namespace: 0x01,
black formatted
2019-12-05 16:57:52 +00:00
self.fac.nsp_namespace: 0x01,
initial commit of code
2018-11-08 19:45:21 +00:00
}
# extract ids
org_admin.extract_permission_id(source, dest, self.net, self.org)
org_admin.extract_permission_id(source, dest, self.ix, self.org)
org_admin.extract_permission_id(source, dest, self.fac, self.org)
black formatted
2019-12-05 16:57:52 +00:00
self.assertEqual(
{
"net.%d" % self.net.id: 0x01,
"ix.%d" % self.ix.id: 0x01,
"fac.%d" % self.fac.id: 0x01,
},
dest,
)
initial commit of code
2018-11-08 19:45:21 +00:00
# test with just the models
# extract permission ids to here
dest = {}
# prepare source dict with nsp namespaces
source = {
self.net.nsp_namespace_from_id(self.org.id, "*").strip(".*"): 0x01,
self.fac.nsp_namespace_from_id(self.org.id, "*").strip(".*"): 0x03,
self.ix.nsp_namespace_from_id(self.org.id, "*").strip(".*"): 0x01,
}
# extract ids
org_admin.extract_permission_id(source, dest, models.Network, self.org)
black formatted
2019-12-05 16:57:52 +00:00
org_admin.extract_permission_id(source, dest, models.InternetExchange, self.org)
org_admin.extract_permission_id(source, dest, models.Facility, self.org)
initial commit of code
2018-11-08 19:45:21 +00:00
self.assertEqual({"net": 0x01, "fac": 0x03, "ix": 0x01}, dest)
def test_uoar_approve(self):
"""
Test approving of a user-org-affiliation-request
org_admin_views.uoar_approve
"""
# create a uoar for user c
uoar = models.UserOrgAffiliationRequest.objects.create(
black formatted
2019-12-05 16:57:52 +00:00
user=self.user_c, asn=1, status="pending"
)
initial commit of code
2018-11-08 19:45:21 +00:00
# test that org id was properly derived from network asn
self.assertEqual(uoar.org.id, self.org.id)
# test approval
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/approve?org_id=%d" % self.org.id, data={"id": uoar.id}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = json.loads(org_admin.uoar_approve(request).content)
black formatted
2019-12-05 16:57:52 +00:00
self.assertEqual(
{
"status": "ok",
"full_name": self.user_c.full_name,
"id": self.user_c.id,
"email": self.user_c.email,
},
resp,
)
initial commit of code
2018-11-08 19:45:21 +00:00
# check that user is now a member of the org
self.assertEqual(
black formatted
2019-12-05 16:57:52 +00:00
self.org.usergroup.user_set.filter(id=self.user_c.id).exists(), True
)
initial commit of code
2018-11-08 19:45:21 +00:00
# check that the UOAR is gone
self.assertEqual(
black formatted
2019-12-05 16:57:52 +00:00
models.UserOrgAffiliationRequest.objects.filter(id=uoar.id).exists(), False
)
initial commit of code
2018-11-08 19:45:21 +00:00
# test: we shouldnt be allowed to approve uoar's for the org we are not
# admins of
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/approve?org_id=%d" % self.org_other.id,
data={"id": uoar.id},
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.uoar_approve(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
# test: trying to approve an uoar that doesn't belong to the org shouldn't
# be allowed
uoar_b = models.UserOrgAffiliationRequest.objects.create(
black formatted
2019-12-05 16:57:52 +00:00
user=self.user_d, asn=22, status="pending"
)
initial commit of code
2018-11-08 19:45:21 +00:00
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/approve?org_id=%d" % self.org.id, data={"id": uoar_b.id}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.uoar_approve(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
uoar_b.delete()
def test_uoar_deny(self):
"""
Test denying of a user-org-affiliation-request
org_admin_views.uoar_deny
"""
# create a uoar for user d
uoar = models.UserOrgAffiliationRequest.objects.create(
black formatted
2019-12-05 16:57:52 +00:00
user=self.user_d, asn=1, status="pending"
)
initial commit of code
2018-11-08 19:45:21 +00:00
# test that org id was properly derived from network asn
self.assertEqual(uoar.org.id, self.org.id)
# test deny
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/deny?org_id=%d" % self.org.id, data={"id": uoar.id}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = json.loads(org_admin.uoar_deny(request).content)
black formatted
2019-12-05 16:57:52 +00:00
self.assertEqual({"status": "ok",}, resp)
initial commit of code
2018-11-08 19:45:21 +00:00
# check that user is not a member of the org
self.assertEqual(
black formatted
2019-12-05 16:57:52 +00:00
self.org.usergroup.user_set.filter(id=self.user_d.id).exists(), False
)
initial commit of code
2018-11-08 19:45:21 +00:00
# check that the UOAR is there, but status is denyed
uoar = models.UserOrgAffiliationRequest.objects.get(id=uoar.id)
self.assertEqual(uoar.status, "denied")
# test: we shouldnt be allowed to deny uoars for the org we are not
# admins of
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/deny?org_id=%d" % self.org_other.id, data={"id": uoar.id}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.uoar_approve(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
# test: trying to deny an uoar that doesn't belong to the org shouldn't
# be allowed
uoar_b = models.UserOrgAffiliationRequest.objects.create(
black formatted
2019-12-05 16:57:52 +00:00
user=self.user_d, asn=22, status="pending"
)
initial commit of code
2018-11-08 19:45:21 +00:00
request = self.factory.post(
black formatted
2019-12-05 16:57:52 +00:00
"/org-admin/uoar/deny?org_id=%d" % self.org.id, data={"id": uoar_b.id}
)
initial commit of code
2018-11-08 19:45:21 +00:00
request._dont_enforce_csrf_checks = True
request.user = self.org_admin
resp = org_admin.uoar_deny(request)
self.assertEqual(resp.status_code, 403)
self.assertEqual(json.loads(resp.content), {})
uoar_b.delete()
Copy Permalink