2016-02-19 15:02:13 +00:00
|
|
|
from flask import url_for
|
2016-02-26 15:33:17 +00:00
|
|
|
from bs4 import BeautifulSoup
|
2016-03-18 16:20:37 +00:00
|
|
|
import app
|
2016-03-07 10:19:44 +00:00
|
|
|
from app.notify_client.models import InvitedUser
|
2016-03-18 10:49:22 +00:00
|
|
|
from tests.conftest import service_one as service_1
|
2016-03-07 10:19:44 +00:00
|
|
|
|
2016-02-19 15:02:13 +00:00
|
|
|
|
2016-02-29 17:35:21 +00:00
|
|
|
def test_should_show_overview_page(
|
|
|
|
|
app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker,
|
2016-03-18 10:49:22 +00:00
|
|
|
mock_get_invites_for_service
|
2016-02-29 17:35:21 +00:00
|
|
|
):
|
2016-03-18 16:20:37 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-02-29 17:35:21 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
|
|
|
|
|
response = client.get(url_for('main.manage_users', service_id=service['id']))
|
2016-02-29 17:35:21 +00:00
|
|
|
|
|
|
|
|
assert 'Manage team' in response.get_data(as_text=True)
|
|
|
|
|
assert response.status_code == 200
|
2016-03-18 16:20:37 +00:00
|
|
|
app.user_api_client.get_users_for_service.assert_called_once_with(service_id=service['id'])
|
2016-02-19 15:02:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_should_show_page_for_one_user(
|
|
|
|
|
app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker,
|
|
|
|
|
mock_login
|
2016-02-19 15:02:13 +00:00
|
|
|
):
|
2016-03-18 16:20:37 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-02-19 15:02:13 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.service_api_client.get_service', return_value=service)
|
|
|
|
|
mocker.patch('app.service_api_client.get_services', return_value={'data': [service]})
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
2016-03-18 16:20:37 +00:00
|
|
|
response = client.get(url_for('main.edit_user_permissions', service_id=service['id'], user_id=0))
|
2016-02-19 15:02:13 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
|
|
|
2016-03-03 14:32:19 +00:00
|
|
|
def test_edit_user_permissions(
|
2016-02-19 15:02:13 +00:00
|
|
|
app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-02-19 15:02:13 +00:00
|
|
|
mock_login,
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker,
|
2016-03-03 13:00:12 +00:00
|
|
|
mock_get_invites_for_service,
|
2016-03-03 14:32:19 +00:00
|
|
|
mock_set_user_permissions
|
|
|
|
|
):
|
2016-03-18 16:20:37 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-03 14:32:19 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
|
|
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.service_api_client.get_service', return_value=service)
|
|
|
|
|
mocker.patch('app.service_api_client.get_services', return_value={'data': [service]})
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
2016-03-03 14:32:19 +00:00
|
|
|
response = client.post(url_for(
|
2016-03-18 16:20:37 +00:00
|
|
|
'main.edit_user_permissions', service_id=service['id'], user_id=active_user_with_permissions.id
|
2016-03-18 10:49:22 +00:00
|
|
|
), data={'email_address': active_user_with_permissions.email_address,
|
2016-03-22 13:18:06 +00:00
|
|
|
'send_messages': 'y',
|
|
|
|
|
'manage_service': 'y',
|
|
|
|
|
'manage_api_keys': 'y'})
|
2016-03-03 14:32:19 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
|
|
|
|
assert response.location == url_for(
|
2016-03-18 16:20:37 +00:00
|
|
|
'main.manage_users', service_id=service['id'], _external=True
|
2016-03-03 14:32:19 +00:00
|
|
|
)
|
|
|
|
|
mock_set_user_permissions.assert_called_with(
|
2016-03-18 10:49:22 +00:00
|
|
|
str(active_user_with_permissions.id),
|
2016-03-18 16:20:37 +00:00
|
|
|
service['id'],
|
2016-03-22 13:18:06 +00:00
|
|
|
permissions={
|
|
|
|
|
'send_texts',
|
|
|
|
|
'send_emails',
|
|
|
|
|
'send_letters',
|
|
|
|
|
'manage_users',
|
|
|
|
|
'manage_templates',
|
|
|
|
|
'manage_settings',
|
|
|
|
|
'manage_api_keys',
|
|
|
|
|
'access_developer_docs'
|
|
|
|
|
}
|
|
|
|
|
)
|
2016-03-03 14:32:19 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_edit_some_user_permissions(
|
|
|
|
|
app_,
|
2016-03-18 16:20:37 +00:00
|
|
|
mocker,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-03-18 16:20:37 +00:00
|
|
|
sample_invite,
|
2016-03-03 14:32:19 +00:00
|
|
|
mock_get_invites_for_service,
|
|
|
|
|
mock_set_user_permissions
|
2016-02-19 15:02:13 +00:00
|
|
|
):
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-18 16:20:37 +00:00
|
|
|
data = [InvitedUser(**sample_invite)]
|
2016-02-19 15:02:13 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
2016-03-18 16:20:37 +00:00
|
|
|
service_id = service['id']
|
|
|
|
|
|
|
|
|
|
mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
|
|
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-02-19 15:02:13 +00:00
|
|
|
response = client.post(url_for(
|
2016-03-18 10:49:22 +00:00
|
|
|
'main.edit_user_permissions', service_id=service_id, user_id=active_user_with_permissions.id
|
|
|
|
|
), data={'email_address': active_user_with_permissions.email_address,
|
2016-03-22 13:18:06 +00:00
|
|
|
'send_messages': 'y',
|
|
|
|
|
'manage_service': '',
|
|
|
|
|
'manage_api_keys': ''})
|
2016-02-19 15:02:13 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
|
|
|
|
assert response.location == url_for(
|
2016-03-03 14:32:19 +00:00
|
|
|
'main.manage_users', service_id=service_id, _external=True
|
2016-02-19 15:02:13 +00:00
|
|
|
)
|
2016-03-03 14:32:19 +00:00
|
|
|
mock_set_user_permissions.assert_called_with(
|
2016-03-18 10:49:22 +00:00
|
|
|
str(active_user_with_permissions.id),
|
2016-03-03 14:32:19 +00:00
|
|
|
service_id,
|
2016-03-22 13:18:06 +00:00
|
|
|
permissions={
|
|
|
|
|
'send_texts',
|
|
|
|
|
'send_emails',
|
|
|
|
|
'send_letters'
|
|
|
|
|
}
|
|
|
|
|
)
|
2016-02-19 15:02:13 +00:00
|
|
|
|
|
|
|
|
|
2016-03-18 16:20:37 +00:00
|
|
|
def _mocks_for_test_manage_users(mocker, active_user_with_permissions, service):
|
|
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.service_api_client.get_service', return_value=service)
|
|
|
|
|
mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
|
|
|
|
|
|
|
|
|
|
|
2016-02-19 15:02:13 +00:00
|
|
|
def test_should_show_page_for_inviting_user(
|
|
|
|
|
app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
|
|
|
|
mocker
|
2016-02-19 15:02:13 +00:00
|
|
|
):
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-02-19 15:02:13 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
|
|
|
|
response = client.get(url_for('main.invite_user', service_id=service['id']))
|
2016-02-19 15:02:13 +00:00
|
|
|
|
2016-03-11 07:47:46 +00:00
|
|
|
assert 'Invite a team member' in response.get_data(as_text=True)
|
2016-02-19 15:02:13 +00:00
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
2016-02-29 17:35:21 +00:00
|
|
|
|
|
|
|
|
def test_invite_user(
|
|
|
|
|
app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
|
|
|
|
mocker,
|
|
|
|
|
sample_invite
|
2016-02-29 17:35:21 +00:00
|
|
|
):
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-02-29 17:35:21 +00:00
|
|
|
email_address = 'test@example.gov.uk'
|
2016-03-18 10:49:22 +00:00
|
|
|
sample_invite['email_address'] = 'test@example.gov.uk'
|
2016-02-29 17:35:21 +00:00
|
|
|
|
2016-03-18 10:49:22 +00:00
|
|
|
data = [InvitedUser(**sample_invite)]
|
2016-02-29 17:35:21 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
|
|
|
|
|
mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
|
|
|
|
|
mocker.patch('app.invite_api_client.create_invite', return_value=InvitedUser(**sample_invite))
|
2016-02-29 17:35:21 +00:00
|
|
|
response = client.post(
|
2016-03-18 10:49:22 +00:00
|
|
|
url_for('main.invite_user', service_id=service['id']),
|
2016-02-29 17:35:21 +00:00
|
|
|
data={'email_address': email_address,
|
2016-03-22 13:18:06 +00:00
|
|
|
'send_messages': 'y',
|
|
|
|
|
'manage_service': 'y',
|
|
|
|
|
'manage_api_keys': 'y'},
|
2016-02-29 17:35:21 +00:00
|
|
|
follow_redirects=True
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
|
|
|
|
assert page.h1.string.strip() == 'Manage team'
|
|
|
|
|
flash_banner = page.find('div', class_='banner-default-with-tick').string.strip()
|
|
|
|
|
assert flash_banner == 'Invite sent to test@example.gov.uk'
|
2016-03-01 16:12:26 +00:00
|
|
|
|
|
|
|
|
|
2016-03-03 13:00:12 +00:00
|
|
|
def test_cancel_invited_user_cancels_user_invitations(app_,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
|
|
|
|
mocker
|
|
|
|
|
):
|
2016-03-01 16:12:26 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
mocker.patch('app.invite_api_client.cancel_invited_user')
|
|
|
|
|
import uuid
|
|
|
|
|
invited_user_id = uuid.uuid4()
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-18 16:20:37 +00:00
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
|
|
|
|
response = client.get(url_for('main.cancel_invited_user', service_id=service['id'],
|
2016-03-01 17:00:01 +00:00
|
|
|
invited_user_id=invited_user_id))
|
2016-03-01 16:12:26 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
2016-03-18 10:49:22 +00:00
|
|
|
assert response.location == url_for('main.manage_users', service_id=service['id'], _external=True)
|
2016-03-07 10:19:44 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_manage_users_shows_invited_user(app_,
|
|
|
|
|
mocker,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-03-07 10:19:44 +00:00
|
|
|
sample_invite):
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-07 10:19:44 +00:00
|
|
|
data = [InvitedUser(**sample_invite)]
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 16:20:37 +00:00
|
|
|
_mocks_for_test_manage_users(mocker, active_user_with_permissions, service)
|
2016-03-18 10:49:22 +00:00
|
|
|
client.login(active_user_with_permissions)
|
2016-03-07 10:19:44 +00:00
|
|
|
|
|
|
|
|
mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
|
2016-03-18 10:49:22 +00:00
|
|
|
mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
|
2016-03-07 10:19:44 +00:00
|
|
|
|
2016-03-18 10:49:22 +00:00
|
|
|
response = client.get(url_for('main.manage_users', service_id=service['id']))
|
2016-03-07 10:19:44 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
|
|
|
|
assert page.h1.string.strip() == 'Manage team'
|
|
|
|
|
invites_table = page.find_all('table')[1]
|
|
|
|
|
cols = invites_table.find_all('td')
|
|
|
|
|
assert cols[0].text.strip() == 'invited_user@test.gov.uk'
|
|
|
|
|
assert cols[4].text.strip() == 'Cancel invitation'
|
2016-03-07 13:59:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_manage_users_does_not_show_accepted_invite(app_,
|
|
|
|
|
mocker,
|
2016-03-18 10:49:22 +00:00
|
|
|
active_user_with_permissions,
|
2016-03-07 13:59:54 +00:00
|
|
|
mock_login,
|
|
|
|
|
sample_invite):
|
|
|
|
|
|
|
|
|
|
import uuid
|
|
|
|
|
invited_user_id = uuid.uuid4()
|
|
|
|
|
sample_invite['id'] = invited_user_id
|
|
|
|
|
sample_invite['status'] = 'accepted'
|
|
|
|
|
data = [InvitedUser(**sample_invite)]
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-07 13:59:54 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 10:49:22 +00:00
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.service_api_client.get_service', return_value=service)
|
|
|
|
|
mocker.patch('app.service_api_client.get_services', return_value={'data': [service]})
|
|
|
|
|
client.login(active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
|
2016-03-07 13:59:54 +00:00
|
|
|
mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
|
|
|
|
|
|
2016-03-18 10:49:22 +00:00
|
|
|
response = client.get(url_for('main.manage_users', service_id=service['id']))
|
2016-03-07 13:59:54 +00:00
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
|
|
|
|
assert page.h1.string.strip() == 'Manage team'
|
|
|
|
|
tables = page.find_all('table')
|
|
|
|
|
assert len(tables) == 1
|
|
|
|
|
assert not page.find(text='invited_user@test.gov.uk')
|
2016-03-09 13:00:52 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_cant_invite_themselves(
|
|
|
|
|
app_,
|
|
|
|
|
mock_login,
|
2016-03-18 10:49:22 +00:00
|
|
|
mocker,
|
|
|
|
|
active_user_with_permissions,
|
2016-03-09 13:00:52 +00:00
|
|
|
mock_create_invite,
|
2016-03-18 10:49:22 +00:00
|
|
|
mock_get_invites_for_service
|
2016-03-09 13:00:52 +00:00
|
|
|
):
|
2016-03-18 10:49:22 +00:00
|
|
|
service = service_1(active_user_with_permissions)
|
2016-03-09 13:00:52 +00:00
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
2016-03-18 10:49:22 +00:00
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=active_user_with_permissions)
|
|
|
|
|
mocker.patch('app.service_api_client.get_service', return_value=service)
|
|
|
|
|
mocker.patch('app.service_api_client.get_services', return_value={'data': [service]})
|
|
|
|
|
client.login(active_user_with_permissions)
|
2016-03-09 13:00:52 +00:00
|
|
|
response = client.post(
|
2016-03-18 10:49:22 +00:00
|
|
|
url_for('main.invite_user', service_id=service['id']),
|
|
|
|
|
data={'email_address': active_user_with_permissions.email_address,
|
2016-03-22 13:18:06 +00:00
|
|
|
'send_messages': 'y',
|
|
|
|
|
'manage_service': 'y',
|
|
|
|
|
'manage_api_keys': 'y'},
|
2016-03-09 13:00:52 +00:00
|
|
|
follow_redirects=True
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
2016-03-11 07:47:46 +00:00
|
|
|
assert page.h1.string.strip() == 'Invite a team member'
|
2016-03-09 13:00:52 +00:00
|
|
|
form_error = page.find('span', class_='error-message').string.strip()
|
|
|
|
|
assert form_error == "You can't send an invitation to yourself"
|
2016-03-21 15:25:19 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_no_permission_manage_users_page(app_,
|
|
|
|
|
service_one,
|
|
|
|
|
api_user_active,
|
|
|
|
|
mock_login,
|
|
|
|
|
mock_get_user,
|
|
|
|
|
mock_get_service,
|
|
|
|
|
mock_get_users_by_service,
|
|
|
|
|
mock_get_invites_for_service):
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
client.login(api_user_active)
|
|
|
|
|
response = client.get(url_for('main.manage_users', service_id=service_one['id']))
|
|
|
|
|
resp_text = response.get_data(as_text=True)
|
|
|
|
|
assert url_for('.invite_user', service_id=service_one['id']) not in resp_text
|
|
|
|
|
assert "Edit permission" not in resp_text
|
|
|
|
|
assert "Manage team" not in resp_text
|
