Implemented unit tests for 'hawat.blueprints.groups' module.

(Redmine issue: #4410,#1017,#3443)

Implemented unit tests for 'hawat.blueprints.groups' module.
994d5c67 · Jan Mach · c8534f18 · 994d5c67 · 994d5c67 · 994d5c67
Commit 994d5c67 authored 4 years ago by Jan Mach
--- a/lib/hawat/blueprints/groups/forms.py
+++ b/lib/hawat/blueprints/groups/forms.py
@@ -127,7 +127,6 @@ class BaseGroupForm(vial.forms.BaseItemForm):
        lazy_gettext('Members:'),
        query_factory = get_available_users,
        get_label = format_select_option_label_user,
-        allow_blank = True,
        blank_text = lazy_gettext('<< no selection >>'),
        description = lazy_gettext('List of group members.')
    )
@@ -166,7 +165,6 @@ class AdminBaseGroupForm(BaseGroupForm):
        lazy_gettext('Managers:'),
        query_factory = get_available_users,
        get_label = format_select_option_label_user,
-        allow_blank = True,
        blank_text = lazy_gettext('<< no selection >>'),
        description = lazy_gettext('List of users acting as group managers. These users may change various group settings.')
    )

--- a/lib/hawat/blueprints/groups/templates/groups/creatupdate.html
+++ b/lib/hawat/blueprints/groups/templates/groups/creatupdate.html
@@ -55,8 +55,10 @@
                                {{ form.source }}
                                {{ macros_form.render_form_errors(form.next.errors) }}
                                {{ form.next }}
+                                {%- if 'csrf_token' in form %}
                                {{ macros_form.render_form_errors(form.csrf_token.errors) }}
                                {{ form.csrf_token }}
+                                {%- endif %}
                                <div class="btn-toolbar" role="toolbar" aria-label="{{ _('Form submission buttons') }}">
                                    <div class="btn-group" role="group">

--- a/lib/hawat/blueprints/groups/templates/groups/rejectmember.html
+++ b/lib/hawat/blueprints/groups/templates/groups/rejectmember.html
+{%- extends "_layout_confirmation.html" %}
+{%- block modalcontent %}
+                                <p>
+                                    {{ _('Are you really sure you want to reject membership request of user') }}
+                                </p>
+                                <p class="lead text-center">
+                                    {{ other_name }}
+                                </p>
+                                <p>
+                                    {{ _('for abuse group') }}
+                                </p>
+                                <p class="lead text-center">
+                                    {{ item_name }}
+                                </p>
+{% endblock modalcontent %}
--- a/lib/hawat/blueprints/groups/test/__init__.py
+++ b/lib/hawat/blueprints/groups/test/__init__.py
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#-------------------------------------------------------------------------------
+# This file is part of Mentat system (https://mentat.cesnet.cz/).
+#
+# Copyright (C) since 2011 CESNET, z.s.p.o (http://www.ces.net/)
+# Use of this source is governed by the MIT license, see LICENSE file.
+#-------------------------------------------------------------------------------
+"""
+Unit tests for :py:mod:`hawat.blueprints.groups`.
+"""
+import unittest
+import vial.const
+import vial.test
+import vial.db
+from hawat.test import BaseAppTestCase, ItemCreateTestCase
+class GroupsListTestCase(BaseAppTestCase):
+    """Class for testing ``groups.list`` endpoint."""
+    def _attempt_fail(self):
+        self.assertGetURL(
+            '/groups/list',
+            403
+        )
+    def _attempt_succeed(self):
+        self.assertGetURL(
+            '/groups/list',
+            200,
+            [
+                b'View details of group &quot;DEMO_GROUP_A&quot;',
+                b'View details of group &quot;DEMO_GROUP_B&quot;',
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user ``user``."""
+        self._attempt_fail()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """Test access as user ``developer``."""
+        self._attempt_fail()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """Test access as user ``maintainer``."""
+        self._attempt_succeed()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """Test access as user ``admin``."""
+        self._attempt_succeed()
+class GroupsShowTestCase(BaseAppTestCase):
+    """Base class for testing ``groups.show`` and ``groups.show_by_name`` endpoints."""
+    def _attempt_fail(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/show'.format(gid),
+            403
+        )
+        self.assertGetURL(
+            '/groups/{}/show_by_name'.format(gname),
+            403
+        )
+    def _attempt_succeed(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/show'.format(gid),
+            200,
+            [
+                '<h3>{} '.format(gname).encode('utf8'),
+                b'<strong>Group created:</strong>'
+            ]
+        )
+        self.assertGetURL(
+            '/groups/{}/show_by_name'.format(gname),
+            200,
+            [
+                '<h3>{} '.format(gname).encode('utf8'),
+                b'<strong>Group created:</strong>'
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """
+        Test access as user 'user'.
+        Only power user is able to view all available groups.
+        """
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """
+        Test access as user 'developer'.
+        Only power user is able to view all available groups.
+        """
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """
+        Test access as user 'maintainer'.
+        Only power user is able to view all available groups.
+        """
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """
+        Test access as user 'admin'.
+        Only power user is able to view all available groups.
+        """
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+class GroupsCreateTestCase(ItemCreateTestCase):
+    """Class for testing ``groups.create`` endpoint."""
+    group_data_fixture = [
+        ('submit', 'Create'),
+        ('name', 'TEST_GROUP'),
+        ('description', 'Test group for unit testing purposes.'),
+        ('enabled', True),
+        ('managed', True)
+    ]
+    def _attempt_fail(self):
+        self.assertGetURL(
+            '/groups/create',
+            403
+        )
+    def _attempt_succeed(self):
+        self.assertCreate(
+            '/groups/create',
+            self.group_data_fixture,
+            [
+                b'Group <strong>TEST_GROUP</strong> was successfully created.'
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user 'user'."""
+        self._attempt_fail()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """Test access as user 'developer'."""
+        self._attempt_fail()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """Test access as user 'maintainer'."""
+        self._attempt_succeed()
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """Test access as user 'admin'."""
+        self._attempt_succeed()
+class GroupsUpdateTestCase(BaseAppTestCase):
+    """Class for testing ``groups.update`` endpoint."""
+    def _attempt_fail(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/update'.format(gid),
+            403
+        )
+    def _attempt_succeed(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/update'.format(gid),
+            200,
+            [
+                b'Update group details'
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user 'user'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_04_as_developer(self):
+        """Test access as user 'developer'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_05_as_maintainer(self):
+        """Test access as user 'maintainer'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_06_as_admin(self):
+        """Test access as user 'admin'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+class GroupsEnableDisableTestCase(BaseAppTestCase):
+    """Class for testing ``groups.enable`` and ``groups.disable`` endpoint."""
+    def _attempt_fail(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/disable'.format(gid),
+            403
+        )
+        self.assertGetURL(
+            '/groups/{}/enable'.format(gid),
+            403
+        )
+    def _attempt_succeed(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/disable'.format(gid),
+            200,
+            [
+                b'Are you really sure you want to disable following item:'
+            ]
+        )
+        self.assertPostURL(
+            '/groups/{}/disable'.format(gid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully disabled.'
+            ]
+        )
+        self.assertGetURL(
+            '/groups/{}/enable'.format(gid),
+            200,
+            [
+                b'Are you really sure you want to enable following item:'
+            ]
+        )
+        self.assertPostURL(
+            '/groups/{}/enable'.format(gid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully enabled.'
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user 'user'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """Test access as user 'developer'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """Test access as user 'maintainer'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """Test access as user 'admin'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+class GroupsAddRemRejMemberTestCase(BaseAppTestCase):
+    """Class for testing ``groups.add_member``, ``groups.reject_member`` and ``groups.remove_member`` endpoint."""
+    def _attempt_fail(self, uname, gname):
+        with self.app.app_context():
+            uid = self.user_id(uname)
+            gid = self.group_id(gname)
+        self.assertGetURL(
+            '/groups/{}/remove_member/{}'.format(gid, uid),
+            403
+        )
+        self.assertGetURL(
+            '/groups/{}/reject_member/{}'.format(gid, uid),
+            403
+        )
+        self.assertGetURL(
+            '/groups/{}/add_member/{}'.format(gid, uid),
+            403
+        )
+    def _attempt_succeed(self, uname, gname, print_response = False):
+        # Additional test preparations.
+        with self.app.app_context():
+            uid = self.user_id(uname)
+            gid = self.group_id(gname)
+            self.user_enabled(uname, False)
+        self.mailbox_monitoring('on')
+        #
+        # First check the removal of existing membership.
+        #
+        self.assertGetURL(
+            '/groups/{}/remove_member/{}'.format(gid, uid),
+            200,
+            [
+                b'Are you really sure you want to remove user'
+            ],
+            print_response
+        )
+        self.assertPostURL(
+            '/groups/{}/remove_member/{}'.format(gid, uid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully removed as a member from group'
+            ],
+            print_response
+        )
+        #
+        # Add user back to group.
+        #
+        self.assertGetURL(
+            '/groups/{}/add_member/{}'.format(gid, uid),
+            200,
+            [
+                b'Are you really sure you want to add user'
+            ],
+            print_response
+        )
+        self.assertPostURL(
+            '/groups/{}/add_member/{}'.format(gid, uid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully added as a member to group'
+            ],
+            print_response
+        )
+        self.assertMailbox(
+            {
+                'subject': [
+                    '[{}] Account activation - {}'.format(self.app.config['APPLICATION_NAME'], uname)
+                ],
+                'sender': [
+                    'root@unittest'
+                ],
+                'recipients': [
+                    ['{}@bogus-domain.org'.format(uname)]
+                ],
+                'cc': [[]],
+                'bcc': [['admin@unittest']]
+            }
+        )
+        self.mailbox_clear()
+        # Additional test preparations.
+        with self.app.app_context():
+            uobj = self.user_get(uname)
+            gobj = self.group_get(gname)
+            uid = uobj.id
+            gid = gobj.id
+            uobj.enabled = False
+            uobj.memberships.remove(gobj)
+            uobj.memberships_wanted.append(gobj)
+            self.user_save(uobj)
+        #
+        # Check membership request rejection feature.
+        #
+        self.assertGetURL(
+            '/groups/{}/reject_member/{}'.format(gid, uid),
+            200,
+            [
+                b'Are you really sure you want to reject membership request of user'
+            ],
+            print_response
+        )
+        self.assertPostURL(
+            '/groups/{}/reject_member/{}'.format(gid, uid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully rejected.'
+            ],
+            print_response
+        )
+        self.mailbox_monitoring('off')
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user 'user'."""
+        for uname in (
+                vial.const.ROLE_USER,
+                vial.const.ROLE_DEVELOPER,
+                vial.const.ROLE_MAINTAINER,
+                vial.const.ROLE_ADMIN
+            ):
+            self._attempt_fail(uname, vial.test.DEMO_GROUP_A)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """Test access as user 'developer'."""
+        for uname in (
+                vial.const.ROLE_USER,
+                vial.const.ROLE_MAINTAINER,
+                vial.const.ROLE_ADMIN
+            ):
+            self._attempt_succeed(uname, vial.test.DEMO_GROUP_A)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """Test access as user 'maintainer'."""
+        for uname in (
+                vial.const.ROLE_USER,
+                vial.const.ROLE_DEVELOPER,
+                vial.const.ROLE_ADMIN
+            ):
+            self._attempt_succeed(uname, vial.test.DEMO_GROUP_A)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """Test access as user 'admin'."""
+        for uname in (
+                vial.const.ROLE_USER,
+                vial.const.ROLE_DEVELOPER,
+                vial.const.ROLE_MAINTAINER
+            ):
+            self._attempt_succeed(uname, vial.test.DEMO_GROUP_A)
+class GroupsDeleteTestCase(BaseAppTestCase):
+    """Class for testing ``groups.delete`` endpoint."""
+    def _attempt_fail(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/delete'.format(gid),
+            403
+        )
+    def _attempt_succeed(self, gname):
+        gid = self.group_id(gname, True)
+        self.assertGetURL(
+            '/groups/{}/delete'.format(gid),
+            200,
+            [
+                b'Are you really sure you want to permanently remove following item:'
+            ]
+        )
+        self.assertPostURL(
+            '/groups/{}/delete'.format(gid),
+            {
+                'submit': 'Confirm'
+            },
+            200,
+            [
+                b'was successfully and permanently deleted.'
+            ]
+        )
+    @vial.test.do_as_user_decorator(vial.const.ROLE_USER)
+    def test_01_as_user(self):
+        """Test access as user 'user'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_DEVELOPER)
+    def test_02_as_developer(self):
+        """Test access as user 'developer'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_MAINTAINER)
+    def test_03_as_maintainer(self):
+        """Test access as user 'maintainer'."""
+        self._attempt_fail(vial.test.DEMO_GROUP_A)
+        self._attempt_fail(vial.test.DEMO_GROUP_B)
+    @vial.test.do_as_user_decorator(vial.const.ROLE_ADMIN)
+    def test_04_as_admin(self):
+        """Test access as user 'admin'."""
+        self._attempt_succeed(vial.test.DEMO_GROUP_A)
+        self._attempt_succeed(vial.test.DEMO_GROUP_B)
+#-------------------------------------------------------------------------------
+if __name__ == "__main__":
+    unittest.main()
--- a/lib/hawat/test/__init__.py
+++ b/lib/hawat/test/__init__.py
@@ -12,8 +12,11 @@
 Base library for Hawat unit tests.
 """
+import vial.const
+import vial.db
 from vial.test import _config_testapp_vial, VialTestCase, ItemCreateVialTestCase, RegistrationVialTestCase
+from mentat.datatype.sqldb import SettingsReportingModel
 from mentat.const import CKEY_CORE_DATABASE, CKEY_CORE_DATABASE_EVENTSTORAGE
@@ -48,6 +51,14 @@ class BaseAppTestCase(VialTestCase):
            config_func = _config_testapp_hawat
        )
+    def setup_fixtures_db(self):
+        super().setup_fixtures_db()
+        for fixture in self.fixtures_db:
+            if isinstance(fixture, self.app.get_model(vial.const.MODEL_GROUP)):
+                SettingsReportingModel(group = fixture)
+                vial.db.db_session().add(fixture)
+        vial.db.db_session().commit()
 class ItemCreateTestCase(ItemCreateVialTestCase, BaseAppTestCase):
    """
    Class for testing :py:class:`hawat.base.HawatApp` application.

--- a/lib/vial/test/__init__.py
+++ b/lib/vial/test/__init__.py
@@ -119,7 +119,7 @@ class VialTestCase(unittest.TestCase):
    def setUp(self):
        self.setup_logging()
        self.mailbox = []
-        self.fixtures_db = {}
+        self.fixtures_db = []
        self.app = self.setup_app()
        self.client = self.app.test_client()
@@ -192,10 +192,13 @@ class VialTestCase(unittest.TestCase):
        group_a.managers.append(account_developer)
        group_a.managers.append(account_maintainer)
-        for dbobject in [account_user, account_developer, account_maintainer, account_admin, group_a, group_b]:
+        fixture_list = [account_user, account_developer, account_maintainer, account_admin, group_a, group_b]
+        for dbobject in fixture_list:
            vial.db.db_session().add(dbobject)
            vial.db.db_session().commit()
+        self.fixtures_db.extend(fixture_list)
    def teardown_logging(self):
        #print(
        #    "CAPTURED LOG CONTENTS:\n{}".format(
@@ -372,7 +375,8 @@ class VialTestCase(unittest.TestCase):
        )
        if print_response:
            print("--------------------------------------------------------------------------------")
-            print("Response for {}: {}".format(url, response.status_code))
+            print("Response for {}: {} ({})".format(url, response.status_code, response.status))
+            pprint.pprint(response.headers)
            pprint.pprint(response.data)
            print("--------------------------------------------------------------------------------")
        self.assertEqual(response.status_code, status_code)
@@ -392,7 +396,8 @@ class VialTestCase(unittest.TestCase):
        )
        if print_response:
            print("--------------------------------------------------------------------------------")
-            print("Response for {}, {}: {}".format(url, pprint.pformat(data), response.status_code))
+            print("Response for {}, {}: {} ({})".format(url, pprint.pformat(data), response.status_code, response.status))
+            pprint.pprint(response.headers)
            pprint.pprint(response.data)
            print("--------------------------------------------------------------------------------")
        self.assertEqual(response.status_code, status_code)