From 2957035b5a344534eb760b9b6b456518535cb23a Mon Sep 17 00:00:00 2001 From: mpeltriaux Date: Wed, 10 Nov 2021 09:11:24 +0100 Subject: [PATCH] #19 Tests * adds EcoAccount tests * fixes bugs found by testing --- compensation/tests/test_views.py | 184 +++++++++++++++++++++++- compensation/views/eco_account_views.py | 31 +++- konova/tests/test_views.py | 37 ++++- konova/utils/message_templates.py | 5 +- 4 files changed, 251 insertions(+), 6 deletions(-) diff --git a/compensation/tests/test_views.py b/compensation/tests/test_views.py index 5e0edd1..5d865ed 100644 --- a/compensation/tests/test_views.py +++ b/compensation/tests/test_views.py @@ -17,8 +17,6 @@ class CompensationViewTestCase(BaseViewTestCase): These tests focus on proper returned views depending on the user's groups privileges and login status """ - comp_state = None - comp_action = None @classmethod def setUpTestData(cls) -> None: @@ -224,3 +222,185 @@ class CompensationViewTestCase(BaseViewTestCase): ] self.assert_url_fail(client, fail_urls) self.assert_url_success(client, success_urls) + + +class EcoAccountViewTestCase(CompensationViewTestCase): + """ + These tests focus on proper returned views depending on the user's groups privileges and login status + + EcoAccounts can inherit the same tests used for compensations. + + """ + comp_state = None + comp_action = None + + @classmethod + def setUpTestData(cls) -> None: + super().setUpTestData() + state = cls.create_dummy_states() + cls.eco_account.before_states.set([state]) + cls.eco_account.after_states.set([state]) + + action = cls.create_dummy_action() + cls.eco_account.actions.set([action]) + + # Prepare urls + cls.index_url = reverse("compensation:acc-index", args=()) + cls.new_url = reverse("compensation:acc-new", args=()) + cls.new_id_url = reverse("compensation:acc-new-id", args=()) + cls.detail_url = reverse("compensation:acc-detail", args=(cls.eco_account.id,)) + cls.log_url = reverse("compensation:acc-log", args=(cls.eco_account.id,)) + cls.edit_url = reverse("compensation:acc-edit", args=(cls.eco_account.id,)) + cls.remove_url = reverse("compensation:acc-remove", args=(cls.eco_account.id,)) + cls.report_url = reverse("compensation:acc-report", args=(cls.eco_account.id,)) + cls.state_new_url = reverse("compensation:acc-new-state", args=(cls.eco_account.id,)) + cls.action_new_url = reverse("compensation:acc-new-action", args=(cls.eco_account.id,)) + cls.deadline_new_url = reverse("compensation:acc-new-deadline", args=(cls.eco_account.id,)) + cls.new_doc_url = reverse("compensation:acc-new-doc", args=(cls.eco_account.id,)) + cls.state_remove_url = reverse("compensation:acc-state-remove", args=(cls.eco_account.id, cls.comp_state.id,)) + cls.action_remove_url = reverse("compensation:acc-action-remove", args=(cls.eco_account.id, cls.comp_action.id,)) + + def test_logged_in_no_groups_shared(self): + """ Check correct status code for all requests + + Assumption: User logged in and has no groups and data is shared + + Returns: + + """ + client = Client() + client.login(username=self.superuser.username, password=self.superuser_pw) + self.superuser.groups.set([]) + self.eco_account.users.set([self.superuser]) + + # Since the user has no groups, it does not matter that data has been shared. There SHOULD not be any difference + # to a user without access, since the important permissions are missing + success_urls = [ + self.index_url, + self.detail_url, + self.report_url, + ] + fail_urls = [ + self.new_url, + self.new_id_url, + self.log_url, + self.edit_url, + self.remove_url, + self.state_new_url, + self.action_new_url, + self.deadline_new_url, + self.state_remove_url, + self.action_remove_url, + self.new_doc_url, + ] + + self.assert_url_success(client, success_urls) + self.assert_url_fail(client, fail_urls) + + def test_logged_in_no_groups_unshared(self): + """ Check correct status code for all requests + + Assumption: User logged in and has no groups and data is shared + + Returns: + + """ + client = Client() + client.login(username=self.superuser.username, password=self.superuser_pw) + self.superuser.groups.set([]) + self.eco_account.users.set([]) + + # Since the user has no groups, it does not matter that data is unshared. There SHOULD not be any difference + # to a user having shared access, since all important permissions are missing + success_urls = [ + self.index_url, + self.detail_url, + self.report_url, + ] + fail_urls = [ + self.new_url, + self.new_id_url, + self.log_url, + self.edit_url, + self.remove_url, + self.state_new_url, + self.action_new_url, + self.deadline_new_url, + self.state_remove_url, + self.action_remove_url, + self.new_doc_url, + ] + + self.assert_url_success(client, success_urls) + self.assert_url_fail(client, fail_urls) + + def test_logged_in_default_group_shared(self): + """ Check correct status code for all requests + + Assumption: User logged in, is default group member and data is shared + --> Default group necessary since all base functionalities depend on this group membership + + Returns: + + """ + client = Client() + client.login(username=self.superuser.username, password=self.superuser_pw) + group = self.groups.get(name=DEFAULT_GROUP) + self.superuser.groups.set([group]) + # Sharing is inherited by base intervention for compensation. Therefore configure the interventions share state + self.eco_account.users.set([self.superuser]) + + success_urls = [ + self.index_url, + self.detail_url, + self.report_url, + self.new_url, + self.new_id_url, + self.edit_url, + self.state_new_url, + self.action_new_url, + self.deadline_new_url, + self.state_remove_url, + self.action_remove_url, + self.new_doc_url, + self.log_url, + self.remove_url, + ] + self.assert_url_success(client, success_urls) + + def test_logged_in_default_group_unshared(self): + """ Check correct status code for all requests + + Assumption: User logged in, is default group member and data is NOT shared + --> Default group necessary since all base functionalities depend on this group membership + + Returns: + + """ + client = Client() + client.login(username=self.superuser.username, password=self.superuser_pw) + group = self.groups.get(name=DEFAULT_GROUP) + self.superuser.groups.set([group]) + self.eco_account.users.set([]) + + success_urls = [ + self.index_url, + self.detail_url, + self.report_url, + self.new_id_url, + self.new_url, + ] + fail_urls = [ + self.edit_url, + self.state_new_url, + self.action_new_url, + self.deadline_new_url, + self.state_remove_url, + self.action_remove_url, + self.new_doc_url, + self.log_url, + self.remove_url, + ] + self.assert_url_fail(client, fail_urls) + self.assert_url_success(client, success_urls) + diff --git a/compensation/views/eco_account_views.py b/compensation/views/eco_account_views.py index 2d302dc..83493fa 100644 --- a/compensation/views/eco_account_views.py +++ b/compensation/views/eco_account_views.py @@ -26,7 +26,8 @@ from konova.forms import RemoveModalForm, SimpleGeomForm, NewDocumentForm, Recor from konova.settings import DEFAULT_GROUP, ZB_GROUP, ETS_GROUP from konova.utils.documents import get_document, remove_document from konova.utils.generators import generate_qr_code -from konova.utils.message_templates import IDENTIFIER_REPLACED, FORM_INVALID, DATA_UNSHARED, DATA_UNSHARED_EXPLANATION +from konova.utils.message_templates import IDENTIFIER_REPLACED, FORM_INVALID, DATA_UNSHARED, DATA_UNSHARED_EXPLANATION, \ + CANCEL_ACC_RECORDED_OR_DEDUCTED from konova.utils.user_checks import in_group @@ -120,6 +121,7 @@ def new_id_view(request: HttpRequest): @login_required @default_group_required +@shared_access_required(EcoAccount, "id") def edit_view(request: HttpRequest, id: str): """ Renders a view for editing compensations @@ -225,6 +227,8 @@ def detail_view(request: HttpRequest, id: str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def remove_view(request: HttpRequest, id: str): """ Renders a modal view for removing the eco account @@ -236,6 +240,15 @@ def remove_view(request: HttpRequest, id: str): """ acc = get_object_or_404(EcoAccount, id=id) + + # If the eco account has already been recorded OR there are already deductions, it can not be deleted by a regular + # default group user + if acc.recorded is not None or acc.deductions.exists(): + user = request.user + if not in_group(user, ETS_GROUP): + messages.info(request, CANCEL_ACC_RECORDED_OR_DEDUCTED) + return redirect("compensation:acc-detail", id=id) + form = RemoveModalForm(request.POST or None, instance=acc, user=request.user) return form.process_request( request=request, @@ -246,6 +259,7 @@ def remove_view(request: HttpRequest, id: str): @login_required @default_group_required +@shared_access_required(EcoAccount, "id") def deduction_remove_view(request: HttpRequest, id: str, deduction_id: str): """ Renders a modal view for removing deductions @@ -272,6 +286,7 @@ def deduction_remove_view(request: HttpRequest, id: str, deduction_id: str): @login_required @default_group_required +@shared_access_required(EcoAccount, "id") def log_view(request: HttpRequest, id: str): """ Renders a log view using modal @@ -297,6 +312,7 @@ def log_view(request: HttpRequest, id: str): @login_required @conservation_office_group_required +@shared_access_required(EcoAccount, "id") def record_view(request: HttpRequest, id:str): """ Renders a modal form for recording an eco account @@ -318,6 +334,8 @@ def record_view(request: HttpRequest, id:str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def state_new_view(request: HttpRequest, id: str): """ Renders a form for adding new states for an eco account @@ -337,6 +355,8 @@ def state_new_view(request: HttpRequest, id: str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def action_new_view(request: HttpRequest, id: str): """ Renders a form for adding new actions for an eco account @@ -400,6 +420,8 @@ def action_remove_view(request: HttpRequest, id: str, action_id: str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def deadline_new_view(request: HttpRequest, id: str): """ Renders a form for adding new states for an eco account @@ -419,6 +441,8 @@ def deadline_new_view(request: HttpRequest, id: str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def new_document_view(request: HttpRequest, id: str): """ Renders a form for uploading new documents @@ -437,6 +461,7 @@ def new_document_view(request: HttpRequest, id: str): @login_required +@default_group_required def get_document_view(request: HttpRequest, doc_id: str): """ Returns the document as downloadable file @@ -463,6 +488,8 @@ def get_document_view(request: HttpRequest, doc_id: str): @login_required +@default_group_required +@shared_access_required(EcoAccount, "id") def remove_document_view(request: HttpRequest, doc_id: str): """ Removes the document from the database and file system @@ -484,6 +511,7 @@ def remove_document_view(request: HttpRequest, doc_id: str): @login_required @default_group_required +@shared_access_required(EcoAccount, "id") def new_deduction_view(request: HttpRequest, id: str): """ Renders a modal form view for creating deductions @@ -601,6 +629,7 @@ def share_view(request: HttpRequest, id: str, token: str): @login_required @default_group_required +@shared_access_required(EcoAccount, "id") def create_share_view(request: HttpRequest, id: str): """ Renders sharing form for an eco account diff --git a/konova/tests/test_views.py b/konova/tests/test_views.py index 7078fc1..27a360f 100644 --- a/konova/tests/test_views.py +++ b/konova/tests/test_views.py @@ -11,7 +11,7 @@ from django.contrib.auth.models import User, Group from django.test import TestCase, Client from django.urls import reverse -from compensation.models import Compensation, CompensationState, CompensationAction +from compensation.models import Compensation, CompensationState, CompensationAction, EcoAccount from intervention.models import LegalData, ResponsibilityData, Intervention from konova.management.commands.setup_data import GROUPS_DATA from konova.models import Geometry @@ -66,6 +66,7 @@ class BaseViewTestCase(BaseTestCase): login_url = None intervention = None compensation = None + eco_account = None comp_state = None comp_action = None @@ -75,6 +76,7 @@ class BaseViewTestCase(BaseTestCase): cls.create_groups() cls.create_dummy_intervention() cls.create_dummy_compensation() + cls.create_dummy_eco_account() cls.login_url = reverse("simple-sso-login") def assert_url_success(self, client: Client, urls: list): @@ -151,10 +153,11 @@ class BaseViewTestCase(BaseTestCase): comment="Test", ) cls.intervention.generate_access_token(make_unique=True) + return cls.intervention @classmethod def create_dummy_compensation(cls): - """ Creates an intervention which can be used for tests + """ Creates a compensation which can be used for tests Returns: @@ -178,6 +181,36 @@ class BaseViewTestCase(BaseTestCase): comment="Test", ) cls.intervention.generate_access_token(make_unique=True) + return cls.compensation + + @classmethod + def create_dummy_eco_account(cls): + """ Creates an eco account which can be used for tests + + Returns: + + """ + # Create dummy data + # Create log entry + action = UserActionLogEntry.objects.create( + user=cls.superuser, + action=UserAction.CREATED, + ) + geometry = Geometry.objects.create() + # Create responsible data object + lega_data = LegalData.objects.create() + responsible_data = ResponsibilityData.objects.create() + # Finally create main object, holding the other objects + cls.eco_account = EcoAccount.objects.create( + identifier="TEST", + title="Test_title", + legal=lega_data, + responsible=responsible_data, + created=action, + geometry=geometry, + comment="Test", + ) + return cls.eco_account @classmethod def create_dummy_states(cls): diff --git a/konova/utils/message_templates.py b/konova/utils/message_templates.py index ae29853..7048f2c 100644 --- a/konova/utils/message_templates.py +++ b/konova/utils/message_templates.py @@ -16,4 +16,7 @@ DATA_UNSHARED = _("This data is not shared with you") DATA_UNSHARED_EXPLANATION = _("Remember: This data has not been shared with you, yet. This means you can only read but can not edit or perform any actions like running a check or recording.") MISSING_GROUP_PERMISSION = _("You need to be part of another user group.") -CHECKED_RECORDED_RESET = _("Status of Checked and Recorded reseted") \ No newline at end of file +CHECKED_RECORDED_RESET = _("Status of Checked and Recorded reseted") + +# ECO ACCOUNT +CANCEL_ACC_RECORDED_OR_DEDUCTED = _("Action canceled. Eco account is recorded or deductions exist. Only conservation office member can perform this action.") \ No newline at end of file