From 023bdda545abdd650c6337471a0383607c79c3ac Mon Sep 17 00:00:00 2001
From: mpeltriaux <michel.peltriaux@sgdnord.rlp.de>
Date: Tue, 26 Oct 2021 11:38:34 +0200
Subject: [PATCH] #19 Tests

* adds tests for views in intervention app
* fixes bugs detected by test writing
---
 intervention/models.py           |   2 +-
 intervention/tests.py            |   3 -
 intervention/tests/__init__.py   |   7 +
 intervention/tests/test_views.py | 293 +++++++++++++++++++++++++++++++
 intervention/views.py            |  17 ++
 konova/settings.py               |   2 +-
 6 files changed, 319 insertions(+), 5 deletions(-)
 delete mode 100644 intervention/tests.py
 create mode 100644 intervention/tests/__init__.py
 create mode 100644 intervention/tests/test_views.py

diff --git a/intervention/models.py b/intervention/models.py
index 46cc0950..ec01e15f 100644
--- a/intervention/models.py
+++ b/intervention/models.py
@@ -249,7 +249,7 @@ class Intervention(BaseObject, RecordableMixin, CheckableMixin):
             )
 
         # Create random token
-        token = generators.generate_random_string(15)
+        token = generators.generate_random_string(15, True, True, False)
         token_used_in = Intervention.objects.filter(access_token=token)
         # Make sure the token is not used anywhere as access_token, yet.
         # Make use of QuerySet lazy method for checking if it exists or not.
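Review bot: The positional flags in `generators.generate_random_string(15, True, True, False)` do not say which character classes are enabled, and the result is stored as the `access_token` that the share URL carries. Pass the flags as keyword arguments, using the helper's own parameter names, so a reader can see what the token alphabet is. The helper is not visible here, so confirm that it draws from `secrets` (or `random.SystemRandom`) rather than the default `random` generator. If the trailing `False` removes a character class, the token space of a 15-character token shrinks accordingly. The enclosing method starts and ends outside this hunk.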
diff --git a/intervention/tests.py b/intervention/tests.py
deleted file mode 100644
index 7ce503c2..00000000
--- a/intervention/tests.py
+++ /dev/null
@@ -1,3 +0,0 @@
-from django.test import TestCase
-
-# Create your tests here.
diff --git a/intervention/tests/__init__.py b/intervention/tests/__init__.py
new file mode 100644
index 00000000..10799e80
--- /dev/null
+++ b/intervention/tests/__init__.py
@@ -0,0 +1,7 @@
+"""
+Author: Michel Peltriaux
+Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
+Contact: michel.peltriaux@sgdnord.rlp.de
+Created on: 26.10.21
+
+"""
diff --git a/intervention/tests/test_views.py b/intervention/tests/test_views.py
new file mode 100644
index 00000000..95527748
--- /dev/null
+++ b/intervention/tests/test_views.py
@@ -0,0 +1,293 @@
+"""
+Author: Michel Peltriaux
+Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
+Contact: michel.peltriaux@sgdnord.rlp.de
+Created on: 26.10.21
+
+"""
+from django.test import TestCase, Client
+
+from django.contrib.auth.models import User, Group
+from django.urls import reverse
+
+from intervention.models import Intervention, LegalData, ResponsibilityData
+from konova.management.commands.setup_data import GROUPS_DATA
+from konova.models import Geometry
+from konova.settings import DEFAULT_GROUP, ZB_GROUP, ETS_GROUP
+from user.models import UserActionLogEntry, UserAction
+
+
+class ViewTestCase(TestCase):
+    def setUp(self) -> None:
+        # Create superuser and regular user
+        self.superuser = User.objects.create_superuser(
+            username="root",
+            email="root@root.com",
+            password="root",
+        )
+        self.user = User.objects.create_user(
+            username="user1",
+            email="user@root.com",
+            password="user1"
+        )
+        # Create groups
+        for group_data in GROUPS_DATA:
+            name = group_data.get("name")
+            Group.objects.get_or_create(
+                name=name,
+            )
+
+        # Create dummy data
+        # Create log entry
+        action = UserActionLogEntry.objects.create(
+            user=self.superuser,
+            action=UserAction.CREATED,
+        )
+        # Create legal data object (without M2M laws first)
+        legal_data = LegalData.objects.create()
+        # Create responsible data object
+        responsibility_data = ResponsibilityData.objects.create()
+        geometry = Geometry.objects.create()
+        # Finally create main object, holding the other objects
+        intervention = Intervention.objects.create(
+            identifier="TEST",
+            title="Test_title",
+            responsible=responsibility_data,
+            legal=legal_data,
+            created=action,
+            geometry=geometry,
+            comment="Test",
+        )
+        intervention.generate_access_token(make_unique=True)
+
+        # Prepare urls
+        self.index_url = reverse("intervention:index", args=())
+        self.new_url = reverse("intervention:new", args=())
+        self.new_id_url = reverse("intervention:new-id", args=())
+        self.detail_url = reverse("intervention:detail", args=(intervention.id,))
+        self.log_url = reverse("intervention:log", args=(intervention.id,))
+        self.edit_url = reverse("intervention:edit", args=(intervention.id,))
+        self.remove_url = reverse("intervention:remove", args=(intervention.id,))
+        self.share_url = reverse("intervention:share", args=(intervention.id, intervention.access_token,))
+        self.share_create_url = reverse("intervention:share-create", args=(intervention.id,))
+        self.run_check_url = reverse("intervention:run-check", args=(intervention.id,))
+        self.record_url = reverse("intervention:record", args=(intervention.id,))
+        self.report_url = reverse("intervention:report", args=(intervention.id,))
+        self.login_url = reverse("simple-sso-login")
+
+    def test_views_logged_in_no_groups(self):
+        """ Check correct status code for all requests
+
+        Assertion: User logged in but has no groups
+
+        Returns:
+
+        """
+        # Login client
+        client = Client()
+        client.login(username="root", password="root")
+
+        success_urls = [
+            self.index_url,
+            self.report_url,
+            self.detail_url,
+        ]
+        fail_urls = [
+            self.log_url,
+            self.new_id_url,
+            self.new_url,
+            self.edit_url,
+            self.remove_url,
+            self.share_url,
+            self.share_create_url,
+            self.run_check_url,
+            self.record_url,
+        ]
+
+        for url in success_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 200, msg=f"Failed for {url}")
+
+        for url in fail_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 302, msg=f"Failed for {url}")
+
+    def test_views_anonymous_user(self):
+        """ Check correct status code for all requests
+
+        Assertion: User logged in but has no groups
+
+        Returns:
+
+        """
+        # Unknown client
+        client = Client()
+
+        success_urls = [
+            self.report_url,
+        ]
+        fail_urls = [
+            self.detail_url,
+            self.index_url,
+            self.log_url,
+            self.new_id_url,
+            self.new_url,
+            self.edit_url,
+            self.remove_url,
+            self.share_url,
+            self.share_create_url,
+            self.run_check_url,
+            self.record_url,
+        ]
+
+        for url in success_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 200, msg=f"Failed for {url}")
+
+        for url in fail_urls:
+            response = client.get(url, follow=True)
+            self.assertEqual(response.redirect_chain[0], (f"{self.login_url}?next={url}", 302), msg=f"Failed for {url}. Redirect chain is {response.redirect_chain}")
+
+    def test_views_logged_in_default_group(self):
+        """ Check correct status code for all requests
+
+        Assertion: User logged in and is default group member
+
+        Returns:
+
+        """
+        # Login client
+        client = Client()
+        client.login(username="root", password="root")
+
+        # Add user to default group
+        default_group = Group.objects.get(name=DEFAULT_GROUP)
+        self.superuser.groups.set([default_group])
+
+        success_urls = [
+            self.index_url,
+            self.report_url,
+            self.detail_url,
+            self.log_url,
+            self.new_id_url,
+            self.new_url,
+            self.edit_url,
+            self.remove_url,
+            self.share_create_url,
+        ]
+        fail_urls = [
+            self.run_check_url,
+            self.record_url,
+        ]
+        success_urls_redirect = {
+            self.share_url: self.detail_url
+        }
+
+        for url in success_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 200, msg=f"Failed for {url}")
+
+        for url in fail_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 302, msg=f"Failed for {url}")
+
+        for url, redirect_to in success_urls_redirect.items():
+            response = client.get(url, follow=True)
+            # Expect redirects to the landing page
+            self.assertEqual(response.redirect_chain[0], (redirect_to, 302), msg=f"Failed for {url}")
+
+    def test_views_logged_in_zb_group(self):
+        """ Check correct status code for all requests
+
+        Assertion: User logged in and is registration office member
+
+        Returns:
+
+        """
+        # Login client
+        client = Client()
+        client.login(username="root", password="root")
+
+        # Add user to default group
+        zb_group = Group.objects.get(name=ZB_GROUP)
+        self.superuser.groups.set([zb_group])
+
+        success_urls = [
+            self.index_url,
+            self.report_url,
+            self.detail_url,
+            self.run_check_url,
+        ]
+        fail_urls = [
+            self.log_url,
+            self.new_id_url,
+            self.new_url,
+            self.edit_url,
+            self.remove_url,
+            self.share_create_url,
+            self.record_url,
+        ]
+        success_urls_redirect = {
+            self.share_url: self.detail_url
+        }
+
+        for url in success_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 200, msg=f"Failed for {url}")
+
+        for url in fail_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 302, msg=f"Failed for {url}")
+
+        for url, redirect_to in success_urls_redirect.items():
+            response = client.get(url, follow=True)
+            # Expect redirects to the landing page
+            self.assertEqual(response.redirect_chain[0], (redirect_to, 302), msg=f"Failed for {url}")
+
+    def test_views_logged_in_ets_group(self):
+        """ Check correct status code for all requests
+
+        Assertion: User logged in and is registration office member
+
+        Returns:
+
+        """
+        # Login client
+        client = Client()
+        client.login(username="root", password="root")
+
+        # Add user to default group
+        ets_group = Group.objects.get(name=ETS_GROUP)
+        self.superuser.groups.set([ets_group])
+
+        success_urls = [
+            self.index_url,
+            self.report_url,
+            self.detail_url,
+            self.record_url,
+        ]
+        fail_urls = [
+            self.log_url,
+            self.new_id_url,
+            self.new_url,
+            self.edit_url,
+            self.remove_url,
+            self.share_create_url,
+            self.run_check_url,
+        ]
+        success_urls_redirect = {
+            self.share_url: self.detail_url
+        }
+
+        for url in success_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 200, msg=f"Failed for {url}")
+
+        for url in fail_urls:
+            response = client.get(url)
+            self.assertEqual(response.status_code, 302, msg=f"Failed for {url}")
+
+        for url, redirect_to in success_urls_redirect.items():
+            response = client.get(url, follow=True)
+            # Expect redirects to the landing page
+            self.assertEqual(response.redirect_chain[0], (redirect_to, 302), msg=f"Failed for {url}")
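Review bot: The `fail_urls` loops in the four logged-in tests assert only `response.status_code == 302`, so any redirect counts as a denial, although `success_urls_redirect` in the same tests shows that a permitted view (`share_url`) also answers with a 302. Assert the target as the anonymous test does: call `client.get(url, follow=True)` and compare `response.redirect_chain[0]` with the URL to which the group decorators send a rejected user. Every logged-in case authenticates as the superuser `root` while `self.user` is created and never used, so the permission checks are never exercised for an ordinary account. The document and revocation views that this commit decorates in intervention/views.py have no URL in `setUp` and stay untested. The docstrings of `test_views_anonymous_user` and `test_views_logged_in_ets_group` repeat the assertion text of other tests.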
diff --git a/intervention/views.py b/intervention/views.py
index 6c2f524d..667c4289 100644
--- a/intervention/views.py
+++ b/intervention/views.py
@@ -93,6 +93,7 @@ def new_view(request: HttpRequest):
 
 
 @login_required
+@default_group_required
 def new_id_view(request: HttpRequest):
     """ JSON endpoint
 
@@ -111,6 +112,7 @@ def new_id_view(request: HttpRequest):
 
 
 @login_required
+@default_group_required
 def new_document_view(request: HttpRequest, id: str):
     """ Renders a form for uploading new documents
 
@@ -129,6 +131,7 @@ def new_document_view(request: HttpRequest, id: str):
 
 
 @login_required
+@default_group_required
 def get_revocation_view(request: HttpRequest, doc_id: str):
     """ Returns the revocation document as downloadable file
 
@@ -142,10 +145,18 @@ def get_revocation_view(request: HttpRequest, doc_id: str):
 
     """
     doc = get_object_or_404(RevocationDocument, id=doc_id)
+    # File download only possible if related instance is shared with user
+    if not doc.instance.users.filter(id=request.user.id):
+        messages.info(
+            request,
+            DATA_UNSHARED
+        )
+        return redirect("intervention:detail", id=doc.instance.id)
     return get_document(doc)
 
 
 @login_required
+@default_group_required
 def get_document_view(request: HttpRequest, doc_id: str):
     """ Returns the document as downloadable file
 
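Review bot: The sharing check added to `get_revocation_view` is the only per-object check visible in this commit: `get_document_view`, decorated at the end of this hunk, and `remove_document_view` in the next hunk gain only `@default_group_required`. Their bodies lie outside the hunks, so this needs confirming. If they lack the same `doc.instance.users` check, any default-group member can download or delete documents of interventions not shared with them by supplying a document id. In the new condition, prefer `if not doc.instance.users.filter(id=request.user.id).exists():` so the test is one existence query instead of an evaluation of the queryset.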
@@ -172,6 +183,7 @@ def get_document_view(request: HttpRequest, doc_id: str):
 
 
 @login_required
+@default_group_required
 def remove_document_view(request: HttpRequest, doc_id: str):
     """ Removes the document from the database and file system
 
@@ -251,6 +263,7 @@ def detail_view(request: HttpRequest, id: str):
 
 
 @login_required
+@default_group_required
 def edit_view(request: HttpRequest, id: str):
     """
     Renders a view for editing interventions
@@ -374,6 +387,7 @@ def share_view(request: HttpRequest, id: str, token: str):
 
 
 @login_required
+@default_group_required
 def create_share_view(request: HttpRequest, id: str):
     """ Renders sharing form for an intervention
 
@@ -393,6 +407,7 @@ def create_share_view(request: HttpRequest, id: str):
 
 
 @login_required
+@registration_office_group_required
 def run_check_view(request: HttpRequest, id: str):
     """ Renders check form for an intervention
 
@@ -413,6 +428,7 @@ def run_check_view(request: HttpRequest, id: str):
 
 
 @login_required
+@default_group_required
 def new_revocation_view(request: HttpRequest, id: str):
     """ Renders sharing form for an intervention
 
@@ -432,6 +448,7 @@ def new_revocation_view(request: HttpRequest, id: str):
 
 
 @login_required
+@default_group_required
 def log_view(request: HttpRequest, id: str):
     """ Renders a log view using modal
 
diff --git a/konova/settings.py b/konova/settings.py
index 51e5bade..1355fbae 100644
--- a/konova/settings.py
+++ b/konova/settings.py
@@ -50,7 +50,7 @@ PAGE_DEFAULT = 1
 
 # SSO settings
 SSO_SERVER_BASE = "http://127.0.0.1:8000/"
-SSO_SERVER = "{}sso/".format(SSO_SERVER_BASE)
+SSO_SERVER = f"{SSO_SERVER_BASE}sso/"
 SSO_PRIVATE_KEY = "CHANGE_ME"
 SSO_PUBLIC_KEY = "CHANGE_ME"