test_perms.py 15.3 KB
Newer Older
1
2
from django.test import TestCase
from backend import const
3
4
from backend.unittest import ExpectedPerms, ExpectedSets, OldProcessFixtureMixin

5

Enrico Zini's avatar
Enrico Zini committed
6
class TestPersonPermissions(OldProcessFixtureMixin, TestCase):
7
8
9
10
11
    @classmethod
    def setUpClass(cls):
        super(TestPersonPermissions, cls).setUpClass()
        cls.persons.create("applicant", status=const.STATUS_DC)
        cls.persons.create("am", status=const.STATUS_DD_NU)
12
13
14
15
        cls.processes.create(
                "applicant", person=cls.persons.applicant,
                applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_AM,
                manager=cls.persons.am)
16
17
18
19
20
        cls.persons.create("e_dd", status=const.STATUS_EMERITUS_DD)
        cls.persons.create("r_dd", status=const.STATUS_REMOVED_DD)
        cls.persons.create("am_e_dd", status=const.STATUS_EMERITUS_DD)
        cls.persons.create("am_r_dd", status=const.STATUS_REMOVED_DD)
        cls.persons.create("applicant1", status=const.STATUS_DC)
21
22
23
24
        cls.processes.create(
                "applicant1", person=cls.persons.applicant1,
                applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_AM,
                manager=cls.persons.am_e_dd)
25
        cls.persons.create("applicant2", status=const.STATUS_DC)
26
27
28
29
        cls.processes.create(
                "applicant2", person=cls.persons.applicant2,
                applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_AM,
                manager=cls.persons.am_r_dd)
30
31

    def assertPerms(self, pname, perms):
32
        self.assertCountEqual(self.persons[pname].perms, perms)
33
34
35
36
37
38
39
40
41
42
43

    def test_person(self):
        self.assertPerms("pending", [])
        self.assertPerms("dc", [])
        self.assertPerms("dc_ga", [])
        self.assertPerms("dm", [])
        self.assertPerms("dm_ga", [])
        self.assertPerms("applicant", [])
        self.assertPerms("dd_nu", ["am_candidate", "dd"])
        self.assertPerms("dd_u", ["am_candidate", "dd"])
        self.assertPerms("am", ["am", "dd"])
44
45
46
47
        self.assertPerms("e_dd", [])
        self.assertPerms("r_dd", [])
        self.assertPerms("am_e_dd", [])
        self.assertPerms("am_r_dd", [])
48
49
        self.assertPerms("fd", ["admin", "am", "dd"])
        self.assertPerms("dam", ["admin", "am", "dd"])
50
51


52
class TestVisitPersonNoProcess(OldProcessFixtureMixin, TestCase):
53
54
    @classmethod
    def __add_extra_tests__(cls):
55
        cls._add_method(cls._test_perms, "pending", perms={
56
57
            "fd dam": "update_keycheck edit_email edit_bio edit_ldap edit_fpr view_person_audit_log fd_comments"
                      " endorse_key",
58
            "activeam": "update_keycheck edit_bio edit_ldap edit_fpr view_person_audit_log endorse_key",
Enrico Zini's avatar
Enrico Zini committed
59
            "pending": "update_keycheck edit_email edit_bio",
60
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
61
        })
62

63
        cls._add_method(cls._test_perms, "dc", perms={
64
65
            "fd dam": "update_keycheck edit_email edit_bio edit_ldap edit_fpr view_person_audit_log request_new_status"
                      " fd_comments endorse_key",
66
            "dc": "update_keycheck edit_email edit_bio edit_ldap edit_fpr view_person_audit_log request_new_status",
67
68
            "activeam": "update_keycheck edit_bio edit_ldap edit_fpr view_person_audit_log endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
69
        })
70

71
        cls._add_method(cls._test_perms, "dc_ga", perms={
72
73
            "fd dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                      " endorse_key",
Enrico Zini's avatar
Enrico Zini committed
74
            "dc_ga": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status",
75
76
            "activeam": "update_keycheck edit_bio view_person_audit_log endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
77
        })
78

79
        cls._add_method(cls._test_perms, "dm", perms={
80
81
82
83
            "fd dam": "update_keycheck edit_email edit_bio edit_ldap edit_fpr"
                      " view_person_audit_log request_new_status fd_comments endorse_key view_certificate",
            "dm": "update_keycheck edit_email edit_bio edit_ldap"
                  " view_person_audit_log request_new_status view_certificate",
84
85
            "activeam": "update_keycheck edit_bio edit_ldap view_person_audit_log endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
86
        })
87

88
        cls._add_method(cls._test_perms, "dm_ga", perms={
89
90
91
            "fd dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                      " endorse_key view_certificate",
            "dm_ga": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status view_certificate",
92
93
            "activeam": "update_keycheck edit_bio view_person_audit_log endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
94
        })
95

96
        cls._add_method(cls._test_perms, "dd_nu", perms={
97
98
99
            "fd dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                      " endorse_key view_certificate",
            "dd_nu": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status view_certificate",
100
101
            "activeam": "update_keycheck edit_bio view_person_audit_log endorse_key",
            "dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
102
        })
103

104
        cls._add_method(cls._test_perms, "dd_u", perms={
105
106
107
            "fd dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                      " endorse_key view_certificate",
            "dd_u": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status view_certificate",
108
109
            "activeam": "update_keycheck edit_bio view_person_audit_log endorse_key",
            "dd_nu oldam": "view_person_audit_log update_keycheck endorse_key",
110
        })
111

112
        cls._add_method(cls._test_perms, "fd", perms={
113
114
115
116
            "fd": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                  " view_certificate",
            "dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                   " endorse_key view_certificate",
117
118
            "activeam": "update_keycheck edit_bio view_person_audit_log endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
119
        })
120

121
        cls._add_method(cls._test_perms, "dam", perms={
122
123
124
125
            "fd": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                  " endorse_key view_certificate",
            "dam": "update_keycheck edit_email edit_bio view_person_audit_log request_new_status fd_comments"
                   " view_certificate",
126
127
            "activeam": "view_person_audit_log update_keycheck edit_bio endorse_key",
            "dd_nu dd_u oldam": "view_person_audit_log update_keycheck endorse_key",
128
        })
129

130
131
132
    def assertPermsEqual(self, action, perms_type, wanted, got):
        got = set(got)
        wanted = set(wanted)
133
134
        if got == wanted:
            return
135
136
137
        extra = got - wanted
        missing = wanted - got
        msg = []
138
139
140
141
        if missing:
            msg.append("misses {} {}".format(perms_type, ", ".join(sorted(missing))))
        if extra:
            msg.append("has extra {} {}".format(perms_type, ", ".join(sorted(extra))))
142
143
        self.fail(action + " " + " and ".join(msg))

Enrico Zini's avatar
Enrico Zini committed
144
    def _test_perms(self, visited, perms):
145
        from django.contrib.auth.models import AnonymousUser
146
        perms = ExpectedPerms(perms)
Enrico Zini's avatar
Enrico Zini committed
147
148
        other_visitors = set(self.persons.keys())
        other_visitors.add(None)
149
        for visitor, expected_perms in perms.perms.items():
Enrico Zini's avatar
Enrico Zini committed
150
            other_visitors.discard(visitor)
Enrico Zini's avatar
Enrico Zini committed
151
            visit_perms = self.persons[visited].permissions_of(self.persons[visitor])
Enrico Zini's avatar
Enrico Zini committed
152
153
            self.assertPermsEqual(
                "{} visiting {}".format(visitor, visited), "permissions",
Enrico Zini's avatar
Enrico Zini committed
154
                expected_perms, visit_perms)
Enrico Zini's avatar
Enrico Zini committed
155
        for visitor in other_visitors:
156
            visit_perms = self.persons[visited].permissions_of(self.persons[visitor] if visitor else AnonymousUser())
Enrico Zini's avatar
Enrico Zini committed
157
158
            self.assertPermsEqual(
                "{} visiting {}".format(visitor, visited), "permissions",
Enrico Zini's avatar
Enrico Zini committed
159
                [], visit_perms)
160

Enrico Zini's avatar
Enrico Zini committed
161

162
163
164
class ProcExpected(object):
    def __init__(self, testcase):
        self.proc = ExpectedSets(testcase, "{visitor} visiting app's process", "{problem} permissions {mismatch}")
165

166
    def patch_generic_process_started(self):
167
        self.proc.patch("dd_nu dd_u oldam activeam fd dam app adv", "+view_person_audit_log +update_keycheck")
168
        self.proc.patch("dd_nu dd_u oldam activeam fd dam adv", "+endorse_key")
Enrico Zini's avatar
Enrico Zini committed
169
        self.proc.patch("fd dam app", "+view_mbox +request_new_status +edit_bio +edit_email")
170
        self.proc.patch("fd dam", "+fd_comments")
171
172
173
174
175
176
        self.proc.patch("activeam", "+view_mbox +edit_bio")

    def patch_generic_process_has_advocate(self):
        self.proc.patch("adv", "+view_mbox +update_keycheck +view_person_audit_log")

    def patch_generic_process_am_approved(self):
177
        self.proc.patch("activeam app", "-edit_ldap -edit_fpr -edit_bio")
178
179
180

    def patch_generic_process_final(self):
        self.proc.patch("app activeam", "+edit_bio")
181
        self.proc.patch("fd dam app", "-edit_ldap -edit_fpr")
182
183
184
        if self.proc.testcase.processes.app.applying_for in (
                const.STATUS_DM, const.STATUS_DM_GA, const.STATUS_DD_NU, const.STATUS_DD_U):
            self.proc.patch("fd dam app", "+view_certificate")
185
186
187
188
189


class TestVisitApplicant(OldProcessFixtureMixin, TestCase):
    def assertApplicantPerms(self, perms):
        perms.proc.assertMatches(self.processes.app)
190
191
192
193
194
195
196
197

    def assertApplicantPermsFinal(self, expected):
        for p in (const.PROGRESS_DONE, const.PROGRESS_CANCELLED):
            self.processes.app.progress = p
            self.processes.app.is_active = False
            self.processes.app.save()
            self.assertApplicantPerms(expected)

198
199
200
201
202
203
    def test_dc_ddnu(self):
        """
        Test all visit combinations for an applicant from dc to dd_nu, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DC)
        self.persons.create("adv", status=const.STATUS_DD_NU)
204
205
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_APP_RCVD)
206

207
208
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
209
        expected.proc.patch("activeam fd dam app", "+edit_ldap +edit_fpr")
210
        self.processes.app.advocates.add(self.persons.adv)
211
212
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
213
214
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
215
        expected.patch_generic_process_final()
216
217
218
219
220
221
222
223
        self.assertApplicantPermsFinal(expected)

    def test_dcga_ddnu(self):
        """
        Test all visit combinations for an applicant from dc_ga to dd_nu, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DC_GA)
        self.persons.create("adv", status=const.STATUS_DD_NU)
224
225
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_APP_RCVD)
226

227
228
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
229
        self.processes.app.advocates.add(self.persons.adv)
230
231
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
232
233
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
234
        expected.patch_generic_process_final()
235
236
237
238
239
240
241
242
        self.assertApplicantPermsFinal(expected)

    def test_dc_ddu(self):
        """
        Test all visit combinations for an applicant from dc to dd_u, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DC)
        self.persons.create("adv", status=const.STATUS_DD_NU)
243
244
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_U, progress=const.PROGRESS_APP_RCVD)
245

246
247
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
248
        expected.proc.patch("activeam fd dam app", "+edit_ldap +edit_fpr")
249
        self.processes.app.advocates.add(self.persons.adv)
250
251
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
252
253
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
254
        expected.patch_generic_process_final()
255
256
257
258
259
260
261
262
        self.assertApplicantPermsFinal(expected)

    def test_dcga_ddu(self):
        """
        Test all visit combinations for an applicant from dc_ga to dd_u, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DC_GA)
        self.persons.create("adv", status=const.STATUS_DD_NU)
263
264
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_U, progress=const.PROGRESS_APP_RCVD)
265

266
267
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
268
        self.processes.app.advocates.add(self.persons.adv)
269
270
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
271
272
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
273
        expected.patch_generic_process_final()
274
275
276
277
278
279
280
281
        self.assertApplicantPermsFinal(expected)

    def test_dm_ddu(self):
        """
        Test all visit combinations for an applicant from dm to dd_u, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DM)
        self.persons.create("adv", status=const.STATUS_DD_NU)
282
283
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_U, progress=const.PROGRESS_APP_RCVD)
284

285
286
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
287
        expected.proc.patch("activeam fd dam app", "+edit_ldap +edit_fpr")
288
        self.processes.app.advocates.add(self.persons.adv)
289
290
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
291
292
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
293
        expected.patch_generic_process_final()
294
295
296
297
298
299
300
301
        self.assertApplicantPermsFinal(expected)

    def test_dmga_ddu(self):
        """
        Test all visit combinations for an applicant from dm to dd_u, with a dd advocate
        """
        self.persons.create("app", status=const.STATUS_DM_GA)
        self.persons.create("adv", status=const.STATUS_DD_NU)
302
303
        self.processes.create(
                "app", person=self.persons.app, applying_for=const.STATUS_DD_U, progress=const.PROGRESS_APP_RCVD)
304
305
        expected = ProcExpected(self)
        expected.patch_generic_process_started()
306
        self.processes.app.advocates.add(self.persons.adv)
307
308
        expected.patch_generic_process_has_advocate()
        expected.patch_generic_process_am_approved()
309
310
        self.persons.app.status = self.processes.app.applying_for
        self.persons.app.save(audit_skip=True)
311
        expected.patch_generic_process_final()
312
        self.assertApplicantPermsFinal(expected)