More permission tests and tweaks

f47409d1 · Enrico Zini · e3b76749 · f47409d1 · f47409d1
Commit f47409d1 authored Jun 02, 2016 by Enrico Zini
--- a/process/models.py
+++ b/process/models.py
@@ -69,14 +69,15 @@ class RequirementVisitorPermissions(ProcessVisitorPermissions):
            pass
        elif self.visitor.is_admin:
            if not self.process.closed:
-                self.update(("edit_statements", "req_approve", "req_unapprove"))
+                self.add("edit_statements")
+                self.add("req_unapprove" if self.requirement.approved_by else "req_approve")
        elif not self.process_frozen:
            if self.requirement.type == "intent":
                if self.visitor == self.person: self.add("edit_statements")
-                if self.visitor.is_dd: self.update(("req_approve", "req_unapprove"))
+                if self.visitor.is_dd: self.add("req_unapprove" if self.requirement.approved_by else "req_approve")
            elif self.requirement.type == "sc_dmup":
                if self.visitor == self.person: self.add("edit_statements")
-                if self.visitor.is_dd: self.update(("req_approve", "req_unapprove"))
+                if self.visitor.is_dd: self.add("req_unapprove" if self.requirement.approved_by else "req_approve")
            elif self.requirement.type == "advocate":
                if self.process.applying_for == const.STATUS_DC_GA:
                    if self.visitor.status in (const.STATUS_DM, const.STATUS_DM_GA, const.STATUS_DD_NU, const.STATUS_DD_U):
@@ -93,14 +94,14 @@ class RequirementVisitorPermissions(ProcessVisitorPermissions):
                elif self.process.applying_for == const.STATUS_DD_U:
                    if self.visitor.status in (const.STATUS_DD_NU, const.STATUS_DD_U):
                        self.add("edit_statements")
-                if self.visitor.is_dd: self.update(("req_approve", "req_unapprove"))
+                if self.visitor.is_dd: self.add("req_unapprove" if self.requirement.approved_by else "req_approve")
            elif self.requirement.type == "am_ok":
                a = self.process.current_am_assignment
                if a is not None:
                    if a.am.person == self.visitor:
                        self.add("edit_statements")
                    elif self.visitor.is_active_am:
-                        self.update(("req_approve", "req_unapprove"))
+                        self.add("req_unapprove" if self.requirement.approved_by else "req_approve")
 class ProcessManager(models.Manager):

--- a/process/tests/test_perms.py
+++ b/process/tests/test_perms.py
@@ -70,28 +70,40 @@ class ProcExpected(object):
        self.proc.patch("fd dam", "+proc_freeze")
        self.proc.patch("dc dc_ga dm dm_ga dd_nu dd_u dd_e dd_r activeam fd dam app", "+add_log")
        self.intent.patch("fd dam app", "+edit_statements")
-        self.intent.patch("activeam fd dam dd_nu dd_u", "+req_approve +req_unapprove")
+        self.intent.patch("activeam fd dam dd_nu dd_u", "+req_approve")
        self.sc_dmup.patch("fd dam app", "+edit_statements")
-        self.sc_dmup.patch("activeam fd dam dd_nu dd_u", "+req_approve +req_unapprove")
+        self.sc_dmup.patch("activeam fd dam dd_nu dd_u", "+req_approve")
-        self.advocate.patch("activeam fd dam dd_nu dd_u", "+edit_statements +req_approve +req_unapprove")
+        if self.advocate is not None:
-        if self.keycheck:
+            self.advocate.patch("activeam fd dam dd_nu dd_u", "+edit_statements +req_approve")
-            pass
+        if self.keycheck is not None:
-        if self.am_ok:
            pass
+        if self.am_ok is not None:
+            self.proc.set("am", "update_keycheck view_person_audit_log edit_bio edit_ldap view_mbox add_log")
+            self.intent.patch("am", "+req_approve")
+            self.sc_dmup.patch("am", "+req_approve")
+            if self.advocate:
+                self.advocate.patch("am", "+edit_statements +req_approve")
+            self.am_ok.patch("fd dam", "+edit_statements +req_approve")
    def patch_generic_process_frozen(self):
        self.proc.patch("fd dam", "-proc_freeze +proc_unfreeze +proc_approve")
        self.proc.patch("activeam app", "-edit_bio -edit_ldap")
        self.intent.patch("app", "-edit_statements")
-        self.intent.patch("activeam dd_nu dd_u", "-req_approve -req_unapprove")
+        self.intent.patch("activeam dd_nu dd_u", "-req_approve")
        self.sc_dmup.patch("app", "-edit_statements")
-        self.sc_dmup.patch("activeam dd_nu dd_u", "-req_approve -req_unapprove")
+        self.sc_dmup.patch("activeam dd_nu dd_u", "-req_approve")
-        self.advocate.patch("activeam dd_nu dd_u dm dm_ga", "-edit_statements")
+        if self.advocate is not None:
-        self.advocate.patch("activeam dd_nu dd_u", "-req_approve -req_unapprove")
+            self.advocate.patch("activeam dd_nu dd_u dm dm_ga", "-edit_statements")
-        if self.keycheck:
+            self.advocate.patch("activeam dd_nu dd_u", "-req_approve")
-            pass
+        if self.keycheck is not None:
-        if self.am_ok:
            pass
+        if self.am_ok is not None:
+            self.proc.patch("am", "-edit_bio -edit_ldap")
+            self.intent.patch("am", "-req_approve")
+            self.sc_dmup.patch("am", "-req_approve")
+            self.advocate.patch("am", "-edit_statements -req_approve")
+            self.am_ok.patch("am", "-edit_statements")
+            self.am_ok.patch("activeam", "-req_approve")
    def patch_generic_process_approved(self):
        self.proc.patch("fd dam", "-proc_unfreeze -proc_approve +proc_unapprove")
@@ -99,13 +111,15 @@ class ProcExpected(object):
    def patch_generic_process_closed(self):
        self.proc.patch("fd dam", "-proc_unapprove")
        self.proc.patch("dc dc_ga dm dm_ga dd_nu dd_u dd_e dd_r activeam fd dam app", "-add_log")
-        self.intent.patch("fd dam", "-edit_statements -req_approve -req_unapprove")
+        self.intent.patch("fd dam", "-edit_statements -req_approve")
-        self.sc_dmup.patch("fd dam", "-edit_statements -req_approve -req_unapprove")
+        self.sc_dmup.patch("fd dam", "-edit_statements -req_approve")
-        self.advocate.patch("fd dam", "-edit_statements -req_approve -req_unapprove")
+        if self.advocate is not None:
-        if self.keycheck:
+            self.advocate.patch("fd dam", "-edit_statements -req_approve")
-            pass
+        if self.keycheck is not None:
-        if self.am_ok:
            pass
+        if self.am_ok is not None:
+            self.proc.patch("am", "-add_log")
+            self.am_ok.patch("fd dam", "-edit_statements -req_approve")
 #class TestPermsRequirementIntent(ProcessFixtureMixin, TestCase):
 #    @classmethod
@@ -272,6 +286,9 @@ class TestVisitApplicant(ProcessFixtureMixin, TestCase):
 #        else:
 #            raise RuntimeError("Invalid applying_for value {}".format(applying_for))
+    def _assign_am(self, visitor):
+        pmodels.AMAssignment.objects.create(process=self.processes.app, am=self.ams.am, assigned_by=self.persons[visitor], assigned_time=now())
    def _freeze_process(self, visitor):
        """
        Set a process as frozen for FD/DAM review
@@ -334,135 +351,138 @@ class TestVisitApplicant(ProcessFixtureMixin, TestCase):
        expected.proc.patch("fd dam", "-edit_ldap")
        self.assertPerms(expected)
+    def test_dm_dmga(self):
+        """
+        Test all visit combinations for an applicant from dm to dm_ga
+        """
+        expected = ProcExpected()
+        expected.advocate = None
+        expected.keycheck = None
+        expected.am_ok = None
+        # Apply
+        self.persons.create("app", status=const.STATUS_DM)
+        expected.starts.set("dm_ga dd_u")
+        self.assertPerms(expected)
+        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DM_GA)
+        expected.patch_generic_process_started()
+        expected.starts.patch("-dm_ga")
+        expected.proc.patch("fd dam", "+edit_ldap")
+        expected.proc.patch("app", "+edit_ldap")
+        self.assertPerms(expected)
+        # Freeze for review
+        self._freeze_process("fd")
+        expected.patch_generic_process_frozen()
+        self.assertPerms(expected)
+        # Approve
+        self._approve_process("dam")
+        expected.patch_generic_process_approved()
+        # Finalize
+        self._close_process()
+        expected.patch_generic_process_closed()
+        expected.starts.patch("-dm_ga")
+        expected.proc.patch("fd dam", "-edit_ldap")
+        self.assertPerms(expected)
+    def test_dc_dm(self):
+        """
+        Test all visit combinations for an applicant from dc to dm
+        """
+        expected = ProcExpected()
+        expected.keycheck = None
+        expected.am_ok = None
+        # Apply
+        self.persons.create("app", status=const.STATUS_DC)
+        expected.starts.set("dc_ga dm dd_u dd_nu")
+        self.assertPerms(expected)
+        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DM)
+        expected.patch_generic_process_started()
+        expected.starts.patch("-dm")
+        expected.proc.patch("fd dam", "+edit_ldap")
+        expected.proc.patch("app", "+edit_ldap")
+        self.assertPerms(expected)
+        # Freeze for review
+        self._freeze_process("fd")
+        expected.patch_generic_process_frozen()
+        self.assertPerms(expected)
+        # Approve
+        self._approve_process("dam")
+        expected.patch_generic_process_approved()
+        # Finalize
+        self._close_process()
+        expected.patch_generic_process_closed()
+        expected.starts.patch("-dc_ga -dm +dm_ga -dd_nu")
+        self.assertPerms(expected)
+    def test_dc_ddnu(self):
+        """
+        Test all visit combinations for an applicant from dc to dd_nu
+        """
+        expected = ProcExpected()
+        expected.keycheck = None
+        # Apply
+        self.persons.create("app", status=const.STATUS_DC)
+        self.persons.create("am", status=const.STATUS_DD_NU)
+        self.ams.create("am", person=self.persons.am)
+        expected.starts.set("dc_ga dm dd_u dd_nu")
+        self.assertPerms(expected)
+        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DD_NU)
+        expected.patch_generic_process_started()
+        expected.starts.patch("-dd_nu")
+        expected.proc.patch("fd dam", "+edit_ldap")
+        expected.proc.patch("app", "+edit_ldap")
+        self.assertPerms(expected)
+        # Assign manager
+        self._assign_am("fd")
+        expected.proc.patch("am", "+edit_bio +edit_ldap")
+        expected.am_ok.patch("am", "+edit_statements")
+        expected.am_ok.patch("activeam", "+req_approve")
+        self.assertPerms(expected)
+        # Freeze for review
+        self._freeze_process("fd")
+        expected.patch_generic_process_frozen()
+        self.assertPerms(expected)
+        # Approve
+        self._approve_process("dam")
+        expected.patch_generic_process_approved()
+        # Finalize
+        self._close_process()
+        expected.patch_generic_process_closed()
+        expected.starts.patch("-dc_ga -dm -dd_nu")
+        expected.proc.patch("fd dam", "-edit_ldap")
+        self.assertPerms(expected)
-        # TODO: intent with no statements
-        # TODO: intent with a statement
-        # TODO: intent approved
-        # TODO: probably better, test requirements separately (like, intent and
-        #       sc_dmup are the same for everyone)
-        #       then here just test what happens when the various steps are
-        #       completed, or the AM is assigned
-#        self.assertApplicantPermsInitialProcess(expected)
-#
-#        self.processes.app.advocates.add(self.persons.adv)
-#        expected.set_perms("adv", "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements view_mbox")
-#        expected.patch_advs("adv", "-dc_ga")
-#        self.assertApplicantPermsHasAdvocate(expected)
-#
-#        expected.patch_perms("app", "-edit_ldap")
-#        expected.set_perms("adv", "view_mbox")
-#        expected.patch_advs("fd dam dd_nu dd_u", "-dc_ga")
-#        expected.patch_advs("dm dm_ga", "-dc_ga")
-#        self.assertApplicantPermsAMApproved(expected)
-#
-#        self.persons.app.status = self.processes.app.applying_for
-#        self.persons.app.save(audit_skip=True)
-#        expected.patch_perms("fd dam app", "-edit_ldap")
-#        expected.patch_advs("fd dam dd_nu dd_u", "-dm +dm_ga")
-#        self.assertApplicantPermsFinal(expected)
-#    def test_dm_dmga_adv_self(self):
-#        """
-#        Test all visit combinations for an applicant from dm to dm_ga, with self as advocate
-#        """
-#        self.persons.create("app", status=const.STATUS_DM)
-#        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DM_GA, progress=const.PROGRESS_APP_RCVD)
-#
-#        expected = ExpectedPerms({
-#            "fd dam app": "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements edit_statements view_mbox request_new_status",
-#            "dd_nu dd_u": "view_person_audit_log",
-#        }, advs={
-#            "fd dam dd_nu dd_u": "dm_ga dd_u dd_nu",
-#            "app dm dm_ga": "dm_ga",
-#        })
-#        self.assertApplicantPermsInitialProcess(expected)
-#
-#        self.processes.app.advocates.add(self.persons.app)
-#        expected.patch_advs("app", "-dm_ga")
-#        self.assertApplicantPermsHasAdvocate(expected)
-#
-#        expected.patch_perms("app", "-edit_ldap")
-#        expected.patch_advs("fd dam dd_nu dd_u", "-dm_ga")
-#        expected.patch_advs("dm dm_ga", "-dm_ga")
-#        self.assertApplicantPermsAMApproved(expected)
-#
-#        self.persons.app.status = self.processes.app.applying_for
-#        self.persons.app.save(audit_skip=True)
-#        expected.patch_perms("fd dam app", "-edit_ldap")
-#        self.assertApplicantPermsFinal(expected)
-#
-#    def test_dm_dmga_adv_dd(self):
-#        """
-#        Test all visit combinations for an applicant from dm to dm_ga, with a dd advocate
-#        """
-#        self.persons.create("app", status=const.STATUS_DM)
-#        self.persons.create("adv", status=const.STATUS_DD_NU)
-#        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DM_GA, progress=const.PROGRESS_APP_RCVD)
-#
-#        expected = ExpectedPerms({
-#            "fd dam app": "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements edit_statements view_mbox request_new_status",
-#            "adv dd_nu dd_u": "view_person_audit_log",
-#        }, advs={
-#            "fd dam adv dd_nu dd_u": "dm_ga dd_u dd_nu",
-#            "app dm dm_ga": "dm_ga",
-#        })
-#        self.assertApplicantPermsInitialProcess(expected)
-#
-#        self.processes.app.advocates.add(self.persons.adv)
-#        expected.set_perms("adv", "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements view_mbox")
-#        expected.patch_advs("adv", "-dm_ga")
-#        self.assertApplicantPermsHasAdvocate(expected)
-#
-#        expected.patch_perms("app", "-edit_ldap")
-#        expected.set_perms("adv", "view_person_audit_log view_mbox")
-#        expected.patch_advs("fd dam dd_nu dd_u app dm dm_ga", "-dm_ga")
-#        self.assertApplicantPermsAMApproved(expected)
-#
-#        self.persons.app.status = self.processes.app.applying_for
-#        self.persons.app.save(audit_skip=True)
-#        expected.patch_perms("fd dam app", "-edit_ldap")
-#        self.assertApplicantPermsFinal(expected)
-#
-#    def test_dc_dm(self):
-#        """
-#        Test all visit combinations for an applicant from dc to dm, with a dd advocate
-#        """
-#        self.persons.create("app", status=const.STATUS_DC)
-#        self.persons.create("adv", status=const.STATUS_DD_NU)
-#        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DM, progress=const.PROGRESS_APP_RCVD)
-#
-#        expected = ExpectedPerms({
-#            "fd dam app": "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements edit_statements view_mbox request_new_status",
-#            "adv dd_nu dd_u": "view_person_audit_log",
-#        }, advs={
-#            "fd dam adv dd_nu dd_u": "dc_ga dm dd_u dd_nu",
-#            "dm dm_ga": "dc_ga",
-#        })
-#        self.assertApplicantPermsInitialProcess(expected)
-#
-#        self.processes.app.advocates.add(self.persons.adv)
-#        expected.set_perms("adv", "update_keycheck edit_bio edit_ldap view_person_audit_log see_statements view_mbox")
-#        expected.patch_advs("adv", "-dm")
-#        self.assertApplicantPermsHasAdvocate(expected)
-#
-#        expected.patch_perms("app", "-edit_ldap")
-#        expected.set_perms("adv", "view_person_audit_log view_mbox")
-#        expected.patch_advs("fd dam dd_nu dd_u app dm dm_ga", "-dm")
-#        self.assertApplicantPermsAMApproved(expected)
-#
-#        self.persons.app.status = self.processes.app.applying_for
-#        self.persons.app.save(audit_skip=True)
-#        expected.patch_perms("app", "+edit_ldap")
-#        expected.patch_advs("fd dam dd_nu dd_u app adv dm dm_ga", "-dc_ga +dm_ga")
-#        self.assertApplicantPermsFinal(expected)
-#
-#    def test_dc_ddnu(self):
-#        """
-#        Test all visit combinations for an applicant from dc to dd_nu, with a dd advocate
-#        """
 #        self.persons.create("app", status=const.STATUS_DC)
 #        self.persons.create("adv", status=const.STATUS_DD_NU)
 #        self.processes.create("app", person=self.persons.app, applying_for=const.STATUS_DD_NU, progress=const.PROGRESS_APP_RCVD)
@@ -492,6 +512,16 @@ class TestVisitApplicant(ProcessFixtureMixin, TestCase):
 #        expected.patch_advs("fd dam dd_nu dd_u app dm dm_ga adv", "-dc_ga -dm")
 #        self.assertApplicantPermsFinal(expected)
 #
+        # TODO: intent with no statements
+        # TODO: intent with a statement
+        # TODO: intent approved
+        # TODO: probably better, test requirements separately (like, intent and
+        #       sc_dmup are the same for everyone)
+        #       then here just test what happens when the various steps are
+        #       completed, or the AM is assigned
 #    def test_dcga_ddnu(self):
 #        """
 #        Test all visit combinations for an applicant from dc_ga to dd_nu, with a dd advocate