diff --git a/tests/app/main/views/test_add_service.py b/tests/app/main/views/test_add_service.py
index 3947ce013..4dd440dcc 100644
--- a/tests/app/main/views/test_add_service.py
+++ b/tests/app/main/views/test_add_service.py
@@ -1,8 +1,7 @@
 from flask import url_for, session
 from unittest.mock import ANY
 import app
-from app.utils import user_in_whitelist
-from tests.conftest import api_user_active as create_active_user
+from app.utils import is_gov_user
 def test_get_should_render_add_service_template(app_,
@@ -105,9 +104,23 @@ def test_should_return_form_errors_with_duplicate_service_name_regardless_of_cas
 assert not mock_create_service.called
-def test_non_whitelist_user_cannot_add_service(app_, mocker, client, fake_uuid):
- non_whitelist_user = create_active_user(fake_uuid, 'someuser@notonwhitelist.com')
- client.login(non_whitelist_user, mocker)
- assert not user_in_whitelist(non_whitelist_user.email_address)
+def test_non_whitelist_user_cannot_access_create_service_page(app_,
+ client,
+ mock_login,
+ mock_get_non_govuser,
+ api_nongov_user_active):
+ client.login(api_nongov_user_active)
+ assert not is_gov_user(api_nongov_user_active.email_address)
 response = client.get(url_for('main.add_service'))
 assert response.status_code == 403
+
+
+def test_non_whitelist_user_cannot_create_service(app_,
+ client,
+ mock_login,
+ mock_get_non_govuser,
+ api_nongov_user_active):
+ client.login(api_nongov_user_active)
+ assert not is_gov_user(api_nongov_user_active.email_address)
+ response = client.post(url_for('main.add_service'), data={'name': 'SERVICE TWO'})
+ assert response.status_code == 403
diff --git a/tests/app/main/views/test_all_services.py b/tests/app/main/views/test_all_services.py
index 28756451d..09cc543f7 100644
--- a/tests/app/main/views/test_all_services.py
+++ b/tests/app/main/views/test_all_services.py
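Review bot: In `test_non_whitelist_user_cannot_create_service` the only assertion on the POST is the 403 status, so the test would not notice if the view called the service-creation client before rejecting the request. The context line at the top of this hunk shows an earlier test asserting `assert not mock_create_service.called`; requesting that fixture here and adding the same assertion would pin that nothing is created for a non-government address (this assumes `mock_create_service` is a shared fixture, which the hunk does not show). Both new tests also keep `non_whitelist` in their names while the helper is now `is_gov_user`; `test_non_gov_user_cannot_...` would match the rename.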
@@ -30,6 +30,17 @@ def test_all_service_returns_403_when_not_a_platform_admin(app_,
 assert response.status_code == 403
+def test_non_gov_user_cannot_see_add_service_button(app_,
+ client,
+ mock_login,
+ mock_get_non_govuser,
+ api_nongov_user_active):
+ client.login(api_nongov_user_active)
+ response = client.get(url_for('main.choose_service'))
+ assert 'Add a new service' not in response.get_data(as_text=True)
+ assert response.status_code == 200
+
+
 def _login_user(client, mocker, platform_admin_user, service_one):
 mocker.patch('app.user_api_client.get_user', return_value=platform_admin_user)
 client.login(platform_admin_user)
diff --git a/tests/app/main/views/test_manage_users.py b/tests/app/main/views/test_manage_users.py
index 87e04944f..2db57d61d 100644
--- a/tests/app/main/views/test_manage_users.py
+++ b/tests/app/main/views/test_manage_users.py
@@ -3,7 +3,7 @@ from flask import url_for
 from bs4 import BeautifulSoup
 import app
 from app.notify_client.models import InvitedUser
-from app.utils import user_in_whitelist
+from app.utils import is_gov_user
 from tests.conftest import service_one as create_sample_service
@@ -131,7 +131,7 @@ def test_should_show_page_for_inviting_user(
 assert response.status_code == 200
-@pytest.mark.parametrize('email_address, whitelist_user', [
+@pytest.mark.parametrize('email_address, gov_user', [
 ('test@example.gov.uk', True),
 ('test@nonwhitelist.com', False)
 ])
@@ -141,7 +141,7 @@ def test_invite_user(
 mocker,
 sample_invite,
 email_address,
- whitelist_user
+ gov_user
 ):
 service = create_sample_service(active_user_with_permissions)
 sample_invite['email_address'] = 'test@example.gov.uk'
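Review bot: `assert 'Add a new service' not in response.get_data(as_text=True)` in `test_non_gov_user_cannot_see_add_service_button` passes vacuously if the button label is ever reworded, or if the page renders something other than the service list. Asserting `response.status_code == 200` first and then checking that the link target is absent, e.g. `assert url_for('main.add_service') not in response.get_data(as_text=True)`, ties the test to the route rather than to the copy. A companion test that a government user does get the link would keep the negative assertion meaningful.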
@@ -150,7 +150,7 @@ def test_invite_user(
 with app_.test_request_context():
 with app_.test_client() as client:
 client.login(active_user_with_permissions, mocker, service)
- assert user_in_whitelist(email_address) == whitelist_user
+ assert is_gov_user(email_address) == gov_user
 mocker.patch('app.invite_api_client.get_invites_for_service', return_value=data)
 mocker.patch('app.user_api_client.get_users_for_service', return_value=[active_user_with_permissions])
 mocker.patch('app.invite_api_client.create_invite', return_value=InvitedUser(**sample_invite))
diff --git a/tests/conftest.py b/tests/conftest.py
index 4e13cf044..5a110ff71 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -505,6 +505,24 @@ def api_user_active(fake_uuid, email_address='test@user.gov.uk'):
 return user
+@pytest.fixture(scope='function')
+def api_nongov_user_active(fake_uuid):
+ from app.notify_client.user_api_client import User
+ user_data = {'id': fake_uuid,
+ 'name': 'Test User',
+ 'password': 'somepassword',
+ 'email_address': 'someuser@notonwhitelist.com',
+ 'mobile_number': '07700 900762',
+ 'state': 'active',
+ 'failed_login_count': 0,
+ 'permissions': {},
+ 'platform_admin': False,
+ 'password_changed_at': str(datetime.utcnow())
+ }
+ user = User(user_data)
+ return user
+
+
 @pytest.fixture(scope='function')
 def active_user_with_permissions(fake_uuid):
 from app.notify_client.user_api_client import User
@@ -597,6 +615,19 @@ def mock_register_user(mocker, api_user_pending):
 return mocker.patch('app.user_api_client.register_user', side_effect=_register)
+@pytest.fixture(scope='function')
+def mock_get_non_govuser(mocker, user=None):
+ if user is None:
+ user = api_user_active(fake_uuid(), email_address='someuser@notonwhitelist.com')
+
+ def _get_user(id_):
+ user.id = id_
+ return user
+
+ return mocker.patch(
+ 'app.user_api_client.get_user', side_effect=_get_user)
+
+
 @pytest.fixture(scope='function')
 def mock_get_user(mocker, user=None):
 if user is None:
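Review bot: `mock_get_non_govuser` in the last conftest hunk builds its own user by calling the fixture functions directly, `api_user_active(fake_uuid(), ...)`, so the object returned by the patched `get_user` is not the `api_nongov_user_active` instance the new tests log in with. pytest does not inject a value for a defaulted parameter such as `user=None`, so the `if user is None` branch always runs, and calling fixture functions directly is rejected by newer pytest releases. Declaring the dependency, `def mock_get_non_govuser(mocker, api_nongov_user_active):`, and returning that object from `_get_user` keeps the logged-in user and the looked-up user identical. The `mock_get_user` context lines show the same signature, but its body continues outside the hunk.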