parent
1dc931d736
commit
eb2e19cbe0
@ -17,8 +17,6 @@ class CompensationViewTestCase(BaseViewTestCase):
|
||||
These tests focus on proper returned views depending on the user's groups privileges and login status
|
||||
|
||||
"""
|
||||
comp_state = None
|
||||
comp_action = None
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls) -> None:
|
||||
@ -224,3 +222,185 @@ class CompensationViewTestCase(BaseViewTestCase):
|
||||
]
|
||||
self.assert_url_fail(client, fail_urls)
|
||||
self.assert_url_success(client, success_urls)
|
||||
|
||||
|
||||
class EcoAccountViewTestCase(CompensationViewTestCase):
|
||||
"""
|
||||
These tests focus on proper returned views depending on the user's groups privileges and login status
|
||||
|
||||
EcoAccounts can inherit the same tests used for compensations.
|
||||
|
||||
"""
|
||||
comp_state = None
|
||||
comp_action = None
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls) -> None:
|
||||
super().setUpTestData()
|
||||
state = cls.create_dummy_states()
|
||||
cls.eco_account.before_states.set([state])
|
||||
cls.eco_account.after_states.set([state])
|
||||
|
||||
action = cls.create_dummy_action()
|
||||
cls.eco_account.actions.set([action])
|
||||
|
||||
# Prepare urls
|
||||
cls.index_url = reverse("compensation:acc-index", args=())
|
||||
cls.new_url = reverse("compensation:acc-new", args=())
|
||||
cls.new_id_url = reverse("compensation:acc-new-id", args=())
|
||||
cls.detail_url = reverse("compensation:acc-detail", args=(cls.eco_account.id,))
|
||||
cls.log_url = reverse("compensation:acc-log", args=(cls.eco_account.id,))
|
||||
cls.edit_url = reverse("compensation:acc-edit", args=(cls.eco_account.id,))
|
||||
cls.remove_url = reverse("compensation:acc-remove", args=(cls.eco_account.id,))
|
||||
cls.report_url = reverse("compensation:acc-report", args=(cls.eco_account.id,))
|
||||
cls.state_new_url = reverse("compensation:acc-new-state", args=(cls.eco_account.id,))
|
||||
cls.action_new_url = reverse("compensation:acc-new-action", args=(cls.eco_account.id,))
|
||||
cls.deadline_new_url = reverse("compensation:acc-new-deadline", args=(cls.eco_account.id,))
|
||||
cls.new_doc_url = reverse("compensation:acc-new-doc", args=(cls.eco_account.id,))
|
||||
cls.state_remove_url = reverse("compensation:acc-state-remove", args=(cls.eco_account.id, cls.comp_state.id,))
|
||||
cls.action_remove_url = reverse("compensation:acc-action-remove", args=(cls.eco_account.id, cls.comp_action.id,))
|
||||
|
||||
def test_logged_in_no_groups_shared(self):
|
||||
""" Check correct status code for all requests
|
||||
|
||||
Assumption: User logged in and has no groups and data is shared
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
client = Client()
|
||||
client.login(username=self.superuser.username, password=self.superuser_pw)
|
||||
self.superuser.groups.set([])
|
||||
self.eco_account.users.set([self.superuser])
|
||||
|
||||
# Since the user has no groups, it does not matter that data has been shared. There SHOULD not be any difference
|
||||
# to a user without access, since the important permissions are missing
|
||||
success_urls = [
|
||||
self.index_url,
|
||||
self.detail_url,
|
||||
self.report_url,
|
||||
]
|
||||
fail_urls = [
|
||||
self.new_url,
|
||||
self.new_id_url,
|
||||
self.log_url,
|
||||
self.edit_url,
|
||||
self.remove_url,
|
||||
self.state_new_url,
|
||||
self.action_new_url,
|
||||
self.deadline_new_url,
|
||||
self.state_remove_url,
|
||||
self.action_remove_url,
|
||||
self.new_doc_url,
|
||||
]
|
||||
|
||||
self.assert_url_success(client, success_urls)
|
||||
self.assert_url_fail(client, fail_urls)
|
||||
|
||||
def test_logged_in_no_groups_unshared(self):
|
||||
""" Check correct status code for all requests
|
||||
|
||||
Assumption: User logged in and has no groups and data is shared
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
client = Client()
|
||||
client.login(username=self.superuser.username, password=self.superuser_pw)
|
||||
self.superuser.groups.set([])
|
||||
self.eco_account.users.set([])
|
||||
|
||||
# Since the user has no groups, it does not matter that data is unshared. There SHOULD not be any difference
|
||||
# to a user having shared access, since all important permissions are missing
|
||||
success_urls = [
|
||||
self.index_url,
|
||||
self.detail_url,
|
||||
self.report_url,
|
||||
]
|
||||
fail_urls = [
|
||||
self.new_url,
|
||||
self.new_id_url,
|
||||
self.log_url,
|
||||
self.edit_url,
|
||||
self.remove_url,
|
||||
self.state_new_url,
|
||||
self.action_new_url,
|
||||
self.deadline_new_url,
|
||||
self.state_remove_url,
|
||||
self.action_remove_url,
|
||||
self.new_doc_url,
|
||||
]
|
||||
|
||||
self.assert_url_success(client, success_urls)
|
||||
self.assert_url_fail(client, fail_urls)
|
||||
|
||||
def test_logged_in_default_group_shared(self):
|
||||
""" Check correct status code for all requests
|
||||
|
||||
Assumption: User logged in, is default group member and data is shared
|
||||
--> Default group necessary since all base functionalities depend on this group membership
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
client = Client()
|
||||
client.login(username=self.superuser.username, password=self.superuser_pw)
|
||||
group = self.groups.get(name=DEFAULT_GROUP)
|
||||
self.superuser.groups.set([group])
|
||||
# Sharing is inherited by base intervention for compensation. Therefore configure the interventions share state
|
||||
self.eco_account.users.set([self.superuser])
|
||||
|
||||
success_urls = [
|
||||
self.index_url,
|
||||
self.detail_url,
|
||||
self.report_url,
|
||||
self.new_url,
|
||||
self.new_id_url,
|
||||
self.edit_url,
|
||||
self.state_new_url,
|
||||
self.action_new_url,
|
||||
self.deadline_new_url,
|
||||
self.state_remove_url,
|
||||
self.action_remove_url,
|
||||
self.new_doc_url,
|
||||
self.log_url,
|
||||
self.remove_url,
|
||||
]
|
||||
self.assert_url_success(client, success_urls)
|
||||
|
||||
def test_logged_in_default_group_unshared(self):
|
||||
""" Check correct status code for all requests
|
||||
|
||||
Assumption: User logged in, is default group member and data is NOT shared
|
||||
--> Default group necessary since all base functionalities depend on this group membership
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
client = Client()
|
||||
client.login(username=self.superuser.username, password=self.superuser_pw)
|
||||
group = self.groups.get(name=DEFAULT_GROUP)
|
||||
self.superuser.groups.set([group])
|
||||
self.eco_account.users.set([])
|
||||
|
||||
success_urls = [
|
||||
self.index_url,
|
||||
self.detail_url,
|
||||
self.report_url,
|
||||
self.new_id_url,
|
||||
self.new_url,
|
||||
]
|
||||
fail_urls = [
|
||||
self.edit_url,
|
||||
self.state_new_url,
|
||||
self.action_new_url,
|
||||
self.deadline_new_url,
|
||||
self.state_remove_url,
|
||||
self.action_remove_url,
|
||||
self.new_doc_url,
|
||||
self.log_url,
|
||||
self.remove_url,
|
||||
]
|
||||
self.assert_url_fail(client, fail_urls)
|
||||
self.assert_url_success(client, success_urls)
|
||||
|
||||
|
||||
@ -26,7 +26,8 @@ from konova.forms import RemoveModalForm, SimpleGeomForm, NewDocumentForm, Recor
|
||||
from konova.settings import DEFAULT_GROUP, ZB_GROUP, ETS_GROUP
|
||||
from konova.utils.documents import get_document, remove_document
|
||||
from konova.utils.generators import generate_qr_code
|
||||
from konova.utils.message_templates import IDENTIFIER_REPLACED, FORM_INVALID, DATA_UNSHARED, DATA_UNSHARED_EXPLANATION
|
||||
from konova.utils.message_templates import IDENTIFIER_REPLACED, FORM_INVALID, DATA_UNSHARED, DATA_UNSHARED_EXPLANATION, \
|
||||
CANCEL_ACC_RECORDED_OR_DEDUCTED
|
||||
from konova.utils.user_checks import in_group
|
||||
|
||||
|
||||
@ -120,6 +121,7 @@ def new_id_view(request: HttpRequest):
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def edit_view(request: HttpRequest, id: str):
|
||||
"""
|
||||
Renders a view for editing compensations
|
||||
@ -225,6 +227,8 @@ def detail_view(request: HttpRequest, id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def remove_view(request: HttpRequest, id: str):
|
||||
""" Renders a modal view for removing the eco account
|
||||
|
||||
@ -236,6 +240,15 @@ def remove_view(request: HttpRequest, id: str):
|
||||
|
||||
"""
|
||||
acc = get_object_or_404(EcoAccount, id=id)
|
||||
|
||||
# If the eco account has already been recorded OR there are already deductions, it can not be deleted by a regular
|
||||
# default group user
|
||||
if acc.recorded is not None or acc.deductions.exists():
|
||||
user = request.user
|
||||
if not in_group(user, ETS_GROUP):
|
||||
messages.info(request, CANCEL_ACC_RECORDED_OR_DEDUCTED)
|
||||
return redirect("compensation:acc-detail", id=id)
|
||||
|
||||
form = RemoveModalForm(request.POST or None, instance=acc, user=request.user)
|
||||
return form.process_request(
|
||||
request=request,
|
||||
@ -246,6 +259,7 @@ def remove_view(request: HttpRequest, id: str):
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def deduction_remove_view(request: HttpRequest, id: str, deduction_id: str):
|
||||
""" Renders a modal view for removing deductions
|
||||
|
||||
@ -272,6 +286,7 @@ def deduction_remove_view(request: HttpRequest, id: str, deduction_id: str):
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def log_view(request: HttpRequest, id: str):
|
||||
""" Renders a log view using modal
|
||||
|
||||
@ -297,6 +312,7 @@ def log_view(request: HttpRequest, id: str):
|
||||
|
||||
@login_required
|
||||
@conservation_office_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def record_view(request: HttpRequest, id:str):
|
||||
""" Renders a modal form for recording an eco account
|
||||
|
||||
@ -318,6 +334,8 @@ def record_view(request: HttpRequest, id:str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def state_new_view(request: HttpRequest, id: str):
|
||||
""" Renders a form for adding new states for an eco account
|
||||
|
||||
@ -337,6 +355,8 @@ def state_new_view(request: HttpRequest, id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def action_new_view(request: HttpRequest, id: str):
|
||||
""" Renders a form for adding new actions for an eco account
|
||||
|
||||
@ -400,6 +420,8 @@ def action_remove_view(request: HttpRequest, id: str, action_id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def deadline_new_view(request: HttpRequest, id: str):
|
||||
""" Renders a form for adding new states for an eco account
|
||||
|
||||
@ -419,6 +441,8 @@ def deadline_new_view(request: HttpRequest, id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def new_document_view(request: HttpRequest, id: str):
|
||||
""" Renders a form for uploading new documents
|
||||
|
||||
@ -437,6 +461,7 @@ def new_document_view(request: HttpRequest, id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
def get_document_view(request: HttpRequest, doc_id: str):
|
||||
""" Returns the document as downloadable file
|
||||
|
||||
@ -463,6 +488,8 @@ def get_document_view(request: HttpRequest, doc_id: str):
|
||||
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def remove_document_view(request: HttpRequest, doc_id: str):
|
||||
""" Removes the document from the database and file system
|
||||
|
||||
@ -484,6 +511,7 @@ def remove_document_view(request: HttpRequest, doc_id: str):
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def new_deduction_view(request: HttpRequest, id: str):
|
||||
""" Renders a modal form view for creating deductions
|
||||
|
||||
@ -601,6 +629,7 @@ def share_view(request: HttpRequest, id: str, token: str):
|
||||
|
||||
@login_required
|
||||
@default_group_required
|
||||
@shared_access_required(EcoAccount, "id")
|
||||
def create_share_view(request: HttpRequest, id: str):
|
||||
""" Renders sharing form for an eco account
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ from django.contrib.auth.models import User, Group
|
||||
from django.test import TestCase, Client
|
||||
from django.urls import reverse
|
||||
|
||||
from compensation.models import Compensation, CompensationState, CompensationAction
|
||||
from compensation.models import Compensation, CompensationState, CompensationAction, EcoAccount
|
||||
from intervention.models import LegalData, ResponsibilityData, Intervention
|
||||
from konova.management.commands.setup_data import GROUPS_DATA
|
||||
from konova.models import Geometry
|
||||
@ -66,6 +66,7 @@ class BaseViewTestCase(BaseTestCase):
|
||||
login_url = None
|
||||
intervention = None
|
||||
compensation = None
|
||||
eco_account = None
|
||||
comp_state = None
|
||||
comp_action = None
|
||||
|
||||
@ -75,6 +76,7 @@ class BaseViewTestCase(BaseTestCase):
|
||||
cls.create_groups()
|
||||
cls.create_dummy_intervention()
|
||||
cls.create_dummy_compensation()
|
||||
cls.create_dummy_eco_account()
|
||||
cls.login_url = reverse("simple-sso-login")
|
||||
|
||||
def assert_url_success(self, client: Client, urls: list):
|
||||
@ -151,10 +153,11 @@ class BaseViewTestCase(BaseTestCase):
|
||||
comment="Test",
|
||||
)
|
||||
cls.intervention.generate_access_token(make_unique=True)
|
||||
return cls.intervention
|
||||
|
||||
@classmethod
|
||||
def create_dummy_compensation(cls):
|
||||
""" Creates an intervention which can be used for tests
|
||||
""" Creates a compensation which can be used for tests
|
||||
|
||||
Returns:
|
||||
|
||||
@ -178,6 +181,36 @@ class BaseViewTestCase(BaseTestCase):
|
||||
comment="Test",
|
||||
)
|
||||
cls.intervention.generate_access_token(make_unique=True)
|
||||
return cls.compensation
|
||||
|
||||
@classmethod
|
||||
def create_dummy_eco_account(cls):
|
||||
""" Creates an eco account which can be used for tests
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
# Create dummy data
|
||||
# Create log entry
|
||||
action = UserActionLogEntry.objects.create(
|
||||
user=cls.superuser,
|
||||
action=UserAction.CREATED,
|
||||
)
|
||||
geometry = Geometry.objects.create()
|
||||
# Create responsible data object
|
||||
lega_data = LegalData.objects.create()
|
||||
responsible_data = ResponsibilityData.objects.create()
|
||||
# Finally create main object, holding the other objects
|
||||
cls.eco_account = EcoAccount.objects.create(
|
||||
identifier="TEST",
|
||||
title="Test_title",
|
||||
legal=lega_data,
|
||||
responsible=responsible_data,
|
||||
created=action,
|
||||
geometry=geometry,
|
||||
comment="Test",
|
||||
)
|
||||
return cls.eco_account
|
||||
|
||||
@classmethod
|
||||
def create_dummy_states(cls):
|
||||
|
||||
@ -16,4 +16,7 @@ DATA_UNSHARED = _("This data is not shared with you")
|
||||
DATA_UNSHARED_EXPLANATION = _("Remember: This data has not been shared with you, yet. This means you can only read but can not edit or perform any actions like running a check or recording.")
|
||||
MISSING_GROUP_PERMISSION = _("You need to be part of another user group.")
|
||||
|
||||
CHECKED_RECORDED_RESET = _("Status of Checked and Recorded reseted")
|
||||
CHECKED_RECORDED_RESET = _("Status of Checked and Recorded reseted")
|
||||
|
||||
# ECO ACCOUNT
|
||||
CANCEL_ACC_RECORDED_OR_DEDUCTED = _("Action canceled. Eco account is recorded or deductions exist. Only conservation office member can perform this action.")
|
||||
Loading…
x
Reference in New Issue
Block a user