709 lines
32 KiB
Python
709 lines
32 KiB
Python
import uuid
|
|
|
|
from django.core.urlresolvers import reverse
|
|
|
|
from taiga.base.utils import json
|
|
from taiga.projects import choices as project_choices
|
|
from taiga.projects.userstories.serializers import UserStorySerializer
|
|
from taiga.permissions.choices import MEMBERS_PERMISSIONS, ANON_PERMISSIONS
|
|
from taiga.projects.occ import OCCResourceMixin
|
|
|
|
from tests import factories as f
|
|
from tests.utils import helper_test_http_method, disconnect_signals, reconnect_signals
|
|
from taiga.projects.votes.services import add_vote
|
|
from taiga.projects.notifications.services import add_watcher
|
|
|
|
from unittest import mock
|
|
|
|
import pytest
|
|
pytestmark = pytest.mark.django_db
|
|
|
|
|
|
def setup_function(function):
|
|
disconnect_signals()
|
|
|
|
|
|
def teardown_function(function):
|
|
reconnect_signals()
|
|
|
|
|
|
@pytest.fixture
|
|
def data():
|
|
m = type("Models", (object,), {})
|
|
|
|
m.registered_user = f.UserFactory.create()
|
|
m.project_member_with_perms = f.UserFactory.create()
|
|
m.project_member_without_perms = f.UserFactory.create()
|
|
m.project_owner = f.UserFactory.create()
|
|
m.other_user = f.UserFactory.create()
|
|
|
|
m.public_project = f.ProjectFactory(is_private=False,
|
|
anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
|
|
public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
|
|
owner=m.project_owner,
|
|
userstories_csv_uuid=uuid.uuid4().hex)
|
|
m.private_project1 = f.ProjectFactory(is_private=True,
|
|
anon_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
|
|
public_permissions=list(map(lambda x: x[0], ANON_PERMISSIONS)),
|
|
owner=m.project_owner,
|
|
userstories_csv_uuid=uuid.uuid4().hex)
|
|
m.private_project2 = f.ProjectFactory(is_private=True,
|
|
anon_permissions=[],
|
|
public_permissions=[],
|
|
owner=m.project_owner,
|
|
userstories_csv_uuid=uuid.uuid4().hex)
|
|
m.blocked_project = f.ProjectFactory(is_private=True,
|
|
anon_permissions=[],
|
|
public_permissions=[],
|
|
owner=m.project_owner,
|
|
userstories_csv_uuid=uuid.uuid4().hex,
|
|
blocked_code=project_choices.BLOCKED_BY_STAFF)
|
|
|
|
m.public_membership = f.MembershipFactory(project=m.public_project,
|
|
user=m.project_member_with_perms,
|
|
role__project=m.public_project,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
m.private_membership1 = f.MembershipFactory(project=m.private_project1,
|
|
user=m.project_member_with_perms,
|
|
role__project=m.private_project1,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
f.MembershipFactory(project=m.private_project1,
|
|
user=m.project_member_without_perms,
|
|
role__project=m.private_project1,
|
|
role__permissions=[])
|
|
m.private_membership2 = f.MembershipFactory(project=m.private_project2,
|
|
user=m.project_member_with_perms,
|
|
role__project=m.private_project2,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
f.MembershipFactory(project=m.private_project2,
|
|
user=m.project_member_without_perms,
|
|
role__project=m.private_project2,
|
|
role__permissions=[])
|
|
m.blocked_membership = f.MembershipFactory(project=m.blocked_project,
|
|
user=m.project_member_with_perms,
|
|
role__project=m.blocked_project,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
f.MembershipFactory(project=m.blocked_project,
|
|
user=m.project_member_without_perms,
|
|
role__project=m.blocked_project,
|
|
role__permissions=[])
|
|
|
|
f.MembershipFactory(project=m.public_project,
|
|
user=m.project_owner,
|
|
is_admin=True)
|
|
|
|
f.MembershipFactory(project=m.private_project1,
|
|
user=m.project_owner,
|
|
is_admin=True)
|
|
|
|
f.MembershipFactory(project=m.private_project2,
|
|
user=m.project_owner,
|
|
is_admin=True)
|
|
|
|
f.MembershipFactory(project=m.blocked_project,
|
|
user=m.project_owner,
|
|
is_admin=True)
|
|
|
|
m.public_points = f.PointsFactory(project=m.public_project)
|
|
m.private_points1 = f.PointsFactory(project=m.private_project1)
|
|
m.private_points2 = f.PointsFactory(project=m.private_project2)
|
|
m.blocked_points = f.PointsFactory(project=m.blocked_project)
|
|
|
|
m.public_role_points = f.RolePointsFactory(role=m.public_project.roles.all()[0],
|
|
points=m.public_points,
|
|
user_story__project=m.public_project,
|
|
user_story__milestone__project=m.public_project,
|
|
user_story__status__project=m.public_project)
|
|
m.private_role_points1 = f.RolePointsFactory(role=m.private_project1.roles.all()[0],
|
|
points=m.private_points1,
|
|
user_story__project=m.private_project1,
|
|
user_story__milestone__project=m.private_project1,
|
|
user_story__status__project=m.private_project1)
|
|
m.private_role_points2 = f.RolePointsFactory(role=m.private_project2.roles.all()[0],
|
|
points=m.private_points2,
|
|
user_story__project=m.private_project2,
|
|
user_story__milestone__project=m.private_project2,
|
|
user_story__status__project=m.private_project2)
|
|
m.blocked_role_points = f.RolePointsFactory(role=m.blocked_project.roles.all()[0],
|
|
points=m.blocked_points,
|
|
user_story__project=m.blocked_project,
|
|
user_story__milestone__project=m.blocked_project,
|
|
user_story__status__project=m.blocked_project)
|
|
|
|
m.public_user_story = m.public_role_points.user_story
|
|
m.private_user_story1 = m.private_role_points1.user_story
|
|
m.private_user_story2 = m.private_role_points2.user_story
|
|
m.blocked_user_story = m.blocked_role_points.user_story
|
|
|
|
return m
|
|
|
|
|
|
def test_user_story_retrieve(client, data):
|
|
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', public_url, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url1, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url2, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
results = helper_test_http_method(client, 'get', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
|
|
def test_user_story_update(client, data):
|
|
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
|
|
user_story_data = UserStorySerializer(data.public_user_story).data
|
|
user_story_data["subject"] = "test"
|
|
user_story_data = json.dumps(user_story_data)
|
|
results = helper_test_http_method(client, 'put', public_url, user_story_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
user_story_data = UserStorySerializer(data.private_user_story1).data
|
|
user_story_data["subject"] = "test"
|
|
user_story_data = json.dumps(user_story_data)
|
|
results = helper_test_http_method(client, 'put', private_url1, user_story_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
user_story_data = UserStorySerializer(data.private_user_story2).data
|
|
user_story_data["subject"] = "test"
|
|
user_story_data = json.dumps(user_story_data)
|
|
results = helper_test_http_method(client, 'put', private_url2, user_story_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
user_story_data = UserStorySerializer(data.blocked_user_story).data
|
|
user_story_data["subject"] = "test"
|
|
user_story_data = json.dumps(user_story_data)
|
|
results = helper_test_http_method(client, 'put', blocked_url, user_story_data, users)
|
|
assert results == [401, 403, 403, 451, 451]
|
|
|
|
def test_user_story_update_with_project_change(client):
|
|
user1 = f.UserFactory.create()
|
|
user2 = f.UserFactory.create()
|
|
user3 = f.UserFactory.create()
|
|
user4 = f.UserFactory.create()
|
|
project1 = f.ProjectFactory()
|
|
project2 = f.ProjectFactory()
|
|
|
|
us_status1 = f.UserStoryStatusFactory.create(project=project1)
|
|
us_status2 = f.UserStoryStatusFactory.create(project=project2)
|
|
|
|
project1.default_us_status = us_status1
|
|
project2.default_us_status = us_status2
|
|
|
|
project1.save()
|
|
project2.save()
|
|
|
|
membership1 = f.MembershipFactory(project=project1,
|
|
user=user1,
|
|
role__project=project1,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
membership2 = f.MembershipFactory(project=project2,
|
|
user=user1,
|
|
role__project=project2,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
membership3 = f.MembershipFactory(project=project1,
|
|
user=user2,
|
|
role__project=project1,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
membership4 = f.MembershipFactory(project=project2,
|
|
user=user3,
|
|
role__project=project2,
|
|
role__permissions=list(map(lambda x: x[0], MEMBERS_PERMISSIONS)))
|
|
|
|
us = f.UserStoryFactory.create(project=project1)
|
|
|
|
url = reverse('userstories-detail', kwargs={"pk": us.pk})
|
|
|
|
# Test user with permissions in both projects
|
|
client.login(user1)
|
|
|
|
us_data = UserStorySerializer(us).data
|
|
us_data["project"] = project2.id
|
|
us_data = json.dumps(us_data)
|
|
|
|
response = client.put(url, data=us_data, content_type="application/json")
|
|
|
|
assert response.status_code == 200
|
|
|
|
us.project = project1
|
|
us.save()
|
|
|
|
# Test user with permissions in only origin project
|
|
client.login(user2)
|
|
|
|
us_data = UserStorySerializer(us).data
|
|
us_data["project"] = project2.id
|
|
us_data = json.dumps(us_data)
|
|
|
|
response = client.put(url, data=us_data, content_type="application/json")
|
|
|
|
assert response.status_code == 403
|
|
|
|
us.project = project1
|
|
us.save()
|
|
|
|
# Test user with permissions in only destionation project
|
|
client.login(user3)
|
|
|
|
us_data = UserStorySerializer(us).data
|
|
us_data["project"] = project2.id
|
|
us_data = json.dumps(us_data)
|
|
|
|
response = client.put(url, data=us_data, content_type="application/json")
|
|
|
|
assert response.status_code == 403
|
|
|
|
us.project = project1
|
|
us.save()
|
|
|
|
# Test user without permissions in the projects
|
|
client.login(user4)
|
|
|
|
us_data = UserStorySerializer(us).data
|
|
us_data["project"] = project2.id
|
|
us_data = json.dumps(us_data)
|
|
|
|
response = client.put(url, data=us_data, content_type="application/json")
|
|
|
|
assert response.status_code == 403
|
|
|
|
us.project = project1
|
|
us.save()
|
|
|
|
|
|
def test_user_story_delete(client, data):
|
|
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
]
|
|
results = helper_test_http_method(client, 'delete', public_url, None, users)
|
|
assert results == [401, 403, 403, 204]
|
|
results = helper_test_http_method(client, 'delete', private_url1, None, users)
|
|
assert results == [401, 403, 403, 204]
|
|
results = helper_test_http_method(client, 'delete', private_url2, None, users)
|
|
assert results == [401, 403, 403, 204]
|
|
results = helper_test_http_method(client, 'delete', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 451]
|
|
|
|
|
|
def test_user_story_list(client, data):
|
|
url = reverse('userstories-list')
|
|
|
|
response = client.get(url)
|
|
userstories_data = json.loads(response.content.decode('utf-8'))
|
|
assert len(userstories_data) == 2
|
|
assert response.status_code == 200
|
|
|
|
client.login(data.registered_user)
|
|
|
|
response = client.get(url)
|
|
userstories_data = json.loads(response.content.decode('utf-8'))
|
|
assert len(userstories_data) == 2
|
|
assert response.status_code == 200
|
|
|
|
client.login(data.project_member_with_perms)
|
|
|
|
response = client.get(url)
|
|
userstories_data = json.loads(response.content.decode('utf-8'))
|
|
assert len(userstories_data) == 4
|
|
assert response.status_code == 200
|
|
|
|
client.login(data.project_owner)
|
|
|
|
response = client.get(url)
|
|
userstories_data = json.loads(response.content.decode('utf-8'))
|
|
assert len(userstories_data) == 4
|
|
assert response.status_code == 200
|
|
|
|
|
|
def test_user_story_create(client, data):
|
|
url = reverse('userstories-list')
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
create_data = json.dumps({"subject": "test", "ref": 1, "project": data.public_project.pk})
|
|
results = helper_test_http_method(client, 'post', url, create_data, users)
|
|
assert results == [401, 403, 403, 201, 201]
|
|
|
|
create_data = json.dumps({"subject": "test", "ref": 2, "project": data.private_project1.pk})
|
|
results = helper_test_http_method(client, 'post', url, create_data, users)
|
|
assert results == [401, 403, 403, 201, 201]
|
|
|
|
create_data = json.dumps({"subject": "test", "ref": 3, "project": data.private_project2.pk})
|
|
results = helper_test_http_method(client, 'post', url, create_data, users)
|
|
assert results == [401, 403, 403, 201, 201]
|
|
|
|
create_data = json.dumps({"subject": "test", "ref": 4, "project": data.blocked_project.pk})
|
|
results = helper_test_http_method(client, 'post', url, create_data, users)
|
|
assert results == [401, 403, 403, 451, 451]
|
|
|
|
|
|
def test_user_story_patch(client, data):
|
|
public_url = reverse('userstories-detail', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-detail', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-detail', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-detail', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
with mock.patch.object(OCCResourceMixin, "_validate_and_update_version"):
|
|
patch_data = json.dumps({"subject": "test", "version": data.public_user_story.version})
|
|
results = helper_test_http_method(client, 'patch', public_url, patch_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
patch_data = json.dumps({"subject": "test", "version": data.private_user_story1.version})
|
|
results = helper_test_http_method(client, 'patch', private_url1, patch_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
patch_data = json.dumps({"subject": "test", "version": data.private_user_story2.version})
|
|
results = helper_test_http_method(client, 'patch', private_url2, patch_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
patch_data = json.dumps({"subject": "test", "version": data.blocked_user_story.version})
|
|
results = helper_test_http_method(client, 'patch', blocked_url, patch_data, users)
|
|
assert results == [401, 403, 403, 451, 451]
|
|
|
|
|
|
def test_user_story_action_bulk_create(client, data):
|
|
url = reverse('userstories-bulk-create')
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.public_user_story.project.pk})
|
|
results = helper_test_http_method(client, 'post', url, bulk_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.private_user_story1.project.pk})
|
|
results = helper_test_http_method(client, 'post', url, bulk_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.private_user_story2.project.pk})
|
|
results = helper_test_http_method(client, 'post', url, bulk_data, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
bulk_data = json.dumps({"bulk_stories": "test1\ntest2", "project_id": data.blocked_user_story.project.pk})
|
|
results = helper_test_http_method(client, 'post', url, bulk_data, users)
|
|
assert results == [401, 403, 403, 451, 451]
|
|
|
|
|
|
def test_user_story_action_bulk_update_order(client, data):
|
|
url = reverse('userstories-bulk-update-backlog-order')
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
post_data = json.dumps({
|
|
"bulk_stories": [{"us_id": data.public_user_story.id, "order": 2}],
|
|
"project_id": data.public_project.pk
|
|
})
|
|
results = helper_test_http_method(client, 'post', url, post_data, users)
|
|
assert results == [401, 403, 403, 204, 204]
|
|
|
|
post_data = json.dumps({
|
|
"bulk_stories": [{"us_id": data.private_user_story1.id, "order": 2}],
|
|
"project_id": data.private_project1.pk
|
|
})
|
|
results = helper_test_http_method(client, 'post', url, post_data, users)
|
|
assert results == [401, 403, 403, 204, 204]
|
|
|
|
post_data = json.dumps({
|
|
"bulk_stories": [{"us_id": data.private_user_story2.id, "order": 2}],
|
|
"project_id": data.private_project2.pk
|
|
})
|
|
results = helper_test_http_method(client, 'post', url, post_data, users)
|
|
assert results == [401, 403, 403, 204, 204]
|
|
|
|
post_data = json.dumps({
|
|
"bulk_stories": [{"us_id": data.blocked_user_story.id, "order": 2}],
|
|
"project_id": data.blocked_project.pk
|
|
})
|
|
results = helper_test_http_method(client, 'post', url, post_data, users)
|
|
assert results == [401, 403, 403, 451, 451]
|
|
|
|
|
|
def test_user_story_action_upvote(client, data):
|
|
public_url = reverse('userstories-upvote', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-upvote', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-upvote', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-upvote', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'post', public_url, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url1, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url2, "", users)
|
|
assert results == [404, 404, 404, 200, 200]
|
|
results = helper_test_http_method(client, 'post', blocked_url, "", users)
|
|
assert results == [404, 404, 404, 451, 451]
|
|
|
|
|
|
def test_user_story_action_downvote(client, data):
|
|
public_url = reverse('userstories-downvote', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-downvote', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-downvote', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-downvote', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'post', public_url, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url1, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url2, "", users)
|
|
assert results == [404, 404, 404, 200, 200]
|
|
results = helper_test_http_method(client, 'post', blocked_url, "", users)
|
|
assert results == [404, 404, 404, 451, 451]
|
|
|
|
|
|
def test_user_story_voters_list(client, data):
|
|
public_url = reverse('userstory-voters-list', kwargs={"resource_id": data.public_user_story.pk})
|
|
private_url1 = reverse('userstory-voters-list', kwargs={"resource_id": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstory-voters-list', kwargs={"resource_id": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstory-voters-list', kwargs={"resource_id": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', public_url, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url1, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url2, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
results = helper_test_http_method(client, 'get', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
|
|
def test_user_story_voters_retrieve(client, data):
|
|
add_vote(data.public_user_story, data.project_owner)
|
|
public_url = reverse('userstory-voters-detail', kwargs={"resource_id": data.public_user_story.pk,
|
|
"pk": data.project_owner.pk})
|
|
add_vote(data.private_user_story1, data.project_owner)
|
|
private_url1 = reverse('userstory-voters-detail', kwargs={"resource_id": data.private_user_story1.pk,
|
|
"pk": data.project_owner.pk})
|
|
add_vote(data.private_user_story2, data.project_owner)
|
|
private_url2 = reverse('userstory-voters-detail', kwargs={"resource_id": data.private_user_story2.pk,
|
|
"pk": data.project_owner.pk})
|
|
|
|
add_vote(data.blocked_user_story, data.project_owner)
|
|
blocked_url = reverse('userstory-voters-detail', kwargs={"resource_id": data.blocked_user_story.pk,
|
|
"pk": data.project_owner.pk})
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', public_url, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url1, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url2, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
results = helper_test_http_method(client, 'get', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
|
|
def test_user_stories_csv(client, data):
|
|
url = reverse('userstories-csv')
|
|
csv_public_uuid = data.public_project.userstories_csv_uuid
|
|
csv_private1_uuid = data.private_project1.userstories_csv_uuid
|
|
csv_private2_uuid = data.private_project1.userstories_csv_uuid
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', "{}?uuid={}".format(url, csv_public_uuid), None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
|
|
results = helper_test_http_method(client, 'get', "{}?uuid={}".format(url, csv_private1_uuid), None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
|
|
results = helper_test_http_method(client, 'get', "{}?uuid={}".format(url, csv_private2_uuid), None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
|
|
|
|
def test_user_story_action_watch(client, data):
|
|
public_url = reverse('userstories-watch', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-watch', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-watch', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-watch', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'post', public_url, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url1, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url2, "", users)
|
|
assert results == [404, 404, 404, 200, 200]
|
|
results = helper_test_http_method(client, 'post', blocked_url, "", users)
|
|
assert results == [404, 404, 404, 451, 451]
|
|
|
|
|
|
def test_user_story_action_unwatch(client, data):
|
|
public_url = reverse('userstories-unwatch', kwargs={"pk": data.public_user_story.pk})
|
|
private_url1 = reverse('userstories-unwatch', kwargs={"pk": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstories-unwatch', kwargs={"pk": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstories-unwatch', kwargs={"pk": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'post', public_url, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url1, "", users)
|
|
assert results == [401, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'post', private_url2, "", users)
|
|
assert results == [404, 404, 404, 200, 200]
|
|
results = helper_test_http_method(client, 'post', blocked_url, "", users)
|
|
assert results == [404, 404, 404, 451, 451]
|
|
|
|
|
|
def test_userstory_watchers_list(client, data):
|
|
public_url = reverse('userstory-watchers-list', kwargs={"resource_id": data.public_user_story.pk})
|
|
private_url1 = reverse('userstory-watchers-list', kwargs={"resource_id": data.private_user_story1.pk})
|
|
private_url2 = reverse('userstory-watchers-list', kwargs={"resource_id": data.private_user_story2.pk})
|
|
blocked_url = reverse('userstory-watchers-list', kwargs={"resource_id": data.blocked_user_story.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', public_url, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url1, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url2, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
results = helper_test_http_method(client, 'get', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
|
|
|
|
def test_userstory_watchers_retrieve(client, data):
|
|
add_watcher(data.public_user_story, data.project_owner)
|
|
public_url = reverse('userstory-watchers-detail', kwargs={"resource_id": data.public_user_story.pk,
|
|
"pk": data.project_owner.pk})
|
|
add_watcher(data.private_user_story1, data.project_owner)
|
|
private_url1 = reverse('userstory-watchers-detail', kwargs={"resource_id": data.private_user_story1.pk,
|
|
"pk": data.project_owner.pk})
|
|
add_watcher(data.private_user_story2, data.project_owner)
|
|
private_url2 = reverse('userstory-watchers-detail', kwargs={"resource_id": data.private_user_story2.pk,
|
|
"pk": data.project_owner.pk})
|
|
add_watcher(data.blocked_user_story, data.project_owner)
|
|
blocked_url = reverse('userstory-watchers-detail', kwargs={"resource_id": data.blocked_user_story.pk,
|
|
"pk": data.project_owner.pk})
|
|
|
|
users = [
|
|
None,
|
|
data.registered_user,
|
|
data.project_member_without_perms,
|
|
data.project_member_with_perms,
|
|
data.project_owner
|
|
]
|
|
|
|
results = helper_test_http_method(client, 'get', public_url, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url1, None, users)
|
|
assert results == [200, 200, 200, 200, 200]
|
|
results = helper_test_http_method(client, 'get', private_url2, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|
|
results = helper_test_http_method(client, 'get', blocked_url, None, users)
|
|
assert results == [401, 403, 403, 200, 200]
|