From 542d0f939e1ece501fb7f1131f193814bbd617ae Mon Sep 17 00:00:00 2001
From: Rebecca Law <rebecca.law@digital.cabinet-office.gov.uk>
Date: Wed, 30 Mar 2016 10:53:15 +0100
Subject: [PATCH] Add comment when adding the view_activity permission as a
 default. Refactor client.login method so that we can start to migrate to one
 way to login for unit tests.

---
 app/main/views/manage_users.py            |  6 ++---
 tests/__init__.py                         |  6 +++--
 tests/app/main/views/test_manage_users.py | 33 +++++++++--------------
 3 files changed, 20 insertions(+), 25 deletions(-)

diff --git a/app/main/views/manage_users.py b/app/main/views/manage_users.py
index 76249c44d..4e60918f1 100644
--- a/app/main/views/manage_users.py
+++ b/app/main/views/manage_users.py
@@ -57,13 +57,13 @@ def invite_user(service_id):
 
     if form.validate_on_submit():
         email_address = form.email_address.data
+        # view_activity is a default role to be added to all users. All users will have at minimum view_activity
+        permissions = ','.join(role for role in roles.keys() if request.form.get(role) == 'y').join('view_activity')
         invited_user = invite_api_client.create_invite(
             current_user.id,
             service_id,
             email_address,
-            ','.join(
-                role for role in roles.keys() if request.form.get(role) == 'y'
-            ).join('view_activity')
+            permissions
         )
 
         flash('Invite sent to {}'.format(invited_user.email_address), 'default_with_tick')
diff --git a/tests/__init__.py b/tests/__init__.py
index 707c5edb9..7064eac13 100644
--- a/tests/__init__.py
+++ b/tests/__init__.py
@@ -5,12 +5,14 @@ from flask_login import login_user
 
 
 class TestClient(FlaskClient):
-    def login(self, user):
+    def login(self, user, mocker=None, service=None):
         # Skipping authentication here and just log them in
         with self.session_transaction() as session:
             session['user_id'] = user.id
             session['_fresh'] = True
-
+        if mocker and service:
+            mocker.patch('app.user_api_client.get_user', return_value=user)
+            mocker.patch('app.service_api_client.get_service', return_value={'data': service})
         login_user(user, remember=True)
 
     def login_fresh(self):
diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py
index 17faa52bc..0e8100882 100644
--- a/tests/app/main/views/test_manage_users.py
+++ b/tests/app/main/views/test_manage_users.py
@@ -14,7 +14,7 @@ def test_should_show_overview_page(
     service = service_1(active_user_with_permissions)
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
             response = client.get(url_for('main.manage_users', service_id=service['id']))
 
@@ -31,7 +31,7 @@ def test_should_show_page_for_one_user(
     service = service_1(active_user_with_permissions)
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             response = client.get(url_for('main.edit_user_permissions', service_id=service['id'], user_id=0))
 
         assert response.status_code == 200
@@ -48,7 +48,7 @@ def test_edit_user_permissions(
     with app_.test_request_context():
         with app_.test_client() as client:
 
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             response = client.post(url_for(
                 'main.edit_user_permissions', service_id=service['id'], user_id=active_user_with_permissions.id
             ), data={'email_address': active_user_with_permissions.email_address,
@@ -88,7 +88,7 @@ def test_edit_some_user_permissions(
     data = [InvitedUser(**sample_invite)]
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             service_id = service['id']
 
             mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
@@ -123,7 +123,7 @@ def test_should_show_page_for_inviting_user(
     service = service_1(active_user_with_permissions)
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             response = client.get(url_for('main.invite_user', service_id=service['id']))
 
         assert 'Invite a team member' in response.get_data(as_text=True)
@@ -143,7 +143,7 @@ def test_invite_user(
     data = [InvitedUser(**sample_invite)]
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
             mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
             mocker.patch('app.invite_api_client.create_invite', return_value=InvitedUser(**sample_invite))
@@ -173,7 +173,7 @@ def test_cancel_invited_user_cancels_user_invitations(app_,
             import uuid
             invited_user_id = uuid.uuid4()
             service = service_1(active_user_with_permissions)
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             response = client.get(url_for('main.cancel_invited_user', service_id=service['id'],
                                           invited_user_id=invited_user_id))
 
@@ -189,7 +189,7 @@ def test_manage_users_shows_invited_user(app_,
     data = [InvitedUser(**sample_invite)]
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
 
             mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
             mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
@@ -218,7 +218,7 @@ def test_manage_users_does_not_show_accepted_invite(app_,
     service = service_1(active_user_with_permissions)
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
             mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
 
@@ -241,7 +241,7 @@ def test_user_cant_invite_themselves(
     service = service_1(active_user_with_permissions)
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service)
+            client.login(active_user_with_permissions, mocker, service)
             response = client.post(
                 url_for('main.invite_user', service_id=service['id']),
                 data={'email_address': active_user_with_permissions.email_address,
@@ -265,7 +265,7 @@ def test_no_permission_manage_users_page(app_,
                                          mocker):
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(api_user_active, client, mocker, service_one)
+            client.login(api_user_active, mocker, service_one)
             response = client.get(url_for('main.manage_users', service_id=service_one['id']))
             resp_text = response.get_data(as_text=True)
             assert url_for('.invite_user', service_id=service_one['id']) not in resp_text
@@ -279,7 +279,7 @@ def test_get_remove_user_from_service(app_,
                                       mocker):
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service_one)
+            client.login(active_user_with_permissions, mocker, service_one)
             response = client.get(
                 url_for(
                     'main.remove_user_from_service',
@@ -299,7 +299,7 @@ def test_remove_user_from_service(app_,
                                   mock_remove_user_from_service):
     with app_.test_request_context():
         with app_.test_client() as client:
-            _login_user(active_user_with_permissions, client, mocker, service_one)
+            client.login(active_user_with_permissions, mocker, service_one)
             response = client.post(
                 url_for(
                     'main.remove_user_from_service',
@@ -310,10 +310,3 @@ def test_remove_user_from_service(app_,
                 'main.manage_users', service_id=service_one['id'], _external=True)
             mock_remove_user_from_service.assert_called_once_with(service_one['id'],
                                                                   str(active_user_with_permissions.id))
-
-
-def _login_user(user, client, mocker, service):
-    mocker.patch('app.user_api_client.get_user', return_value=user)
-    mocker.patch('app.service_api_client.get_service', return_value={'data': service})
-    mocker.patch('app.service_api_client.get_services', return_value={'data': [service]})
-    client.login(user)