163 lines
12 KiB
Python
163 lines
12 KiB
Python
|
import pytest
|
||
|
import mock
|
||
|
import utils
|
||
|
|
||
|
from django.contrib.contenttypes.models import ContentType
|
||
|
|
||
|
from passerelle.apps.solis.models import Solis, SolisAPALink
|
||
|
from passerelle.base.models import ApiUser, AccessRight
|
||
|
|
||
|
NAMEID = 'bebe'
|
||
|
APATOKEN = '''{"token":"1c2562e6-b0a9-4bcf-b669-e33a42397147","endDate":"2017-10-11T10:22:40.342"}'''
|
||
|
APATOKEN_403 = '''[{"logref":"db15cb8a-4d05-4e4f-b4e1-44ec39dc11e3","message":"Erreur d'authentification m\xc3\xa9tier ASG APA: Code confidentiel non valide pour l'individu 2823255","links":[]}]'''
|
||
|
APAINFOS = {
|
||
|
'apa-user-info': '{"individu":{"civilite":"Mme","nomUsuel":"PYPPENNE","nomNaissance":"NPYNEZ","prenom":"Pecile","dateNaissance":"1922-12-17","contact":{"telephone":"0344480774","mail":""},"adresse":{"complementDestinataire":"compl dest","numeroLieu":"38","natureLieu":null,"nomLieu":"RUE MARTIN","complementLieu":"MARPA LES NACRES - APPARTEMENT 9","finLieu":"fin adresse","codePostal":"80370","commune":"BERNAVILLE"},"tutelles":{"tutelle":[{"type":"Organisme","identite":"Association Tut\xc3\xa9laire de la Somme","mesure":null,"natureAccord":"Juridique","dateEffet":"2014-01-01","dateFin":null,"adresse":{"numeroLieu":"21","natureLieu":null,"nomLieu":"RUE SULLY","complementLieu":"BP 11660","finLieu":"","codePostal":"80016","commune":"AMIENS","cedex":"1"}},{"type":"Individu/Particulier","identite":"Ehmet TYEP","mesure":"Curatelle simple","natureAccord":"Juridique","dateEffet":"2017-01-01","dateFin":"2017-12-31","adresse":{"numeroLieu":"89","natureLieu":null,"nomLieu":"AVENUE LEON BLUM","complementLieu":"","finLieu":"","codePostal":"80100","commune":"ABBEVILLE","cedex":""}},{"type":"Individu/Particulier","identite":"Esg TYTEYP PE PEPPOXE OEX","mesure":null,"natureAccord":null,"dateEffet":null,"dateFin":null,"adresse":{"numeroLieu":"1","natureLieu":null,"nomLieu":"BOULEVARD DU PORT","complementLieu":"CAD","finLieu":"","codePostal":"80000","commune":"AMIENS","cedex":""}}]},"apa":{"classotheque":"05-2834","centreAutonomie":"Centre Autonomie nord ouest"}}}',
|
||
|
'apa-user-rights': '{"demandeAsg":[{"demande":{"type":"Allocation Personnalis\xc3\xa9e Autonomie","nature":"Domicile"},"droit":{"dateDebut":"2017-01-05","dateFin":"2019-01-31"},"complementDossier":{"dateDepot":"2016-11-15","dateArrivee":"2016-11-16","dateDossierComplet":"2016-11-17"},"gir":{"type":"Synth\xc3\xa8se","gir":3,"dateEvaluation":"2017-02-01"},"suivi":{"instructeur":{"civilite":"madame","nom":"ZEPEQPE","prenom":"EPOZOE","telephone":"0344974383","mail":"e.zepeqpe@xoppe.pp"},"dateDecision":"2017-01-05"},"bilan":{"pourcentageTM":2.1973443031311035},"prestationAccordeeAsg":[{"prestation":"Accueil de jour GIR 1-2","periode":{"dateEffet":"2017-01-05","dateFin":"2019-01-31"},"tiers":{"type":"Ind\xc3\xa9termin\xc3\xa9","identite":null,"tarif":null,"quantitatif":null},"quantite":0,"montant":{"accorde":0,"participation":0,"verse":0},"attributaire":{"type":"Tuteur","identite":"Association Tut\xc3\xa9laire de la Somme"}},{"prestation":"Articles d\'hygi\xc3\xa8ne forfait 45\xc2\x80","periode":{"dateEffet":"2017-01-05","dateFin":null},"tiers":{"type":"Ind\xc3\xa9termin\xc3\xa9","identite":null,"tarif":45,"quantitatif":"Mois"},"quantite":1,"montant":{"accorde":45,"participation":1.68,"verse":43.32},"attributaire":{"type":"B\xc3\xa9n\xc3\xa9ficiaire","identite":"PYPPENNE Pecile"}},{"prestation":"Petite structure","periode":{"dateEffet":"2017-01-05","dateFin":"2019-01-31"},"tiers":{"type":"Etablissement","identite":"MARPA LES NACRES","tarif":null,"quantitatif":null},"quantite":0,"montant":{"accorde":440.42,"participation":7.68,"verse":432.74},"attributaire":{"type":"Etablissement","identite":"MARPA LES NACRES"}},{"prestation":"Aide humaine prestataire","periode":{"dateEffet":"2017-01-05","dateFin":"2019-01-31"},"tiers":{"type":"Prestataire","identite":"COMMUNAUTE DE COMMUNES DU TERRITOIRE NORD PICARDIE BERNAVILLE","tarif":19,"quantitatif":"Heure(s)"},"quantite":45.5,"montant":{"accorde":864.5,"participation":18.93,"verse":845.57},"attributaire":{"type":"Prestataire","identite":"COMMUNAUTE DE COMMUNES DU TERRITOIRE NORD PICARDIE BERNAVILLE"}},{"prestation":"Articles d\'hygi\xc3\xa8ne forfait 90\xc2\x80","periode":{"dateEffet":"2017-01-05","dateFin":null},"tiers":{"type":"Ind\xc3\xa9termin\xc3\xa9","identite":null,"tarif":90,"quantitatif":"Mois"},"quantite":1,"montant":{"accorde":90,"participation":3.35,"verse":86.65},"attributaire":{"type":"B\xc3\xa9n\xc3\xa9ficiaire","identite":"PYPPENNE Pecile"}}]}]}',
|
||
|
'apa-user-request': '{"demandeAsg":[]}',
|
||
|
'apa-user-history': '{"demandeAsg":[{"demande":{"type":"Allocation Personnalis\xc3\xa9e Autonomie","nature":"Domicile"},"droit":{"dateDebut":"2013-03-01","dateFin":"2013-06-19"},"complementDossier":{"dateArrivee":null,"dateDossierComplet":"2012-10-25"},"suivi":{"decision":"Accord","dateDecision":"2013-02-12"}},{"demande":{"type":"Allocation Personnalis\xc3\xa9e Autonomie","nature":"Domicile"},"droit":{"dateDebut":"2013-06-20","dateFin":"2016-03-31"},"complementDossier":{"dateArrivee":null,"dateDossierComplet":"2012-10-25"},"suivi":{"decision":"Accord","dateDecision":"2013-06-25"}},{"demande":{"type":"Allocation Personnalis\xc3\xa9e Autonomie","nature":"Domicile"},"droit":{"dateDebut":"2016-04-01","dateFin":"2017-01-04"},"complementDossier":{"dateArrivee":"2016-06-06","dateDossierComplet":"2016-06-06"},"suivi":{"decision":"Accord","dateDecision":"2016-06-14"}}]}',
|
||
|
}
|
||
|
|
||
|
|
||
|
@pytest.fixture
|
||
|
def solis(db):
|
||
|
return Solis.objects.create(slug='test',
|
||
|
service_url='https://solis.example.net/solisapi/',
|
||
|
username='usertest',
|
||
|
password='userpass')
|
||
|
|
||
|
|
||
|
def test_solis_restricted_access(app, solis):
|
||
|
endpoint = utils.generic_endpoint_url('solis', 'apa-link', slug=solis.slug)
|
||
|
assert endpoint == '/solis/test/apa-link'
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.post') as requests_post:
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.get') as requests_get:
|
||
|
resp = app.post(endpoint, status=403)
|
||
|
assert requests_post.call_count == 0
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'PermissionDenied' in resp.json['err_class']
|
||
|
resp = app.get(endpoint, status=405)
|
||
|
assert requests_get.call_count == 0
|
||
|
for service in ('apa-unlink', 'apa-user-info', 'apa-user-rights',
|
||
|
'apa-user-request', 'apa-user-history'):
|
||
|
endpoint = utils.generic_endpoint_url('solis', service, slug=solis.slug)
|
||
|
assert endpoint == '/solis/test/%s' % service
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.get') as requests_get:
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.post') as requests_post:
|
||
|
resp = app.get(endpoint, status=403)
|
||
|
assert requests_get.call_count == 0
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'PermissionDenied' in resp.json['err_class']
|
||
|
resp = app.post(endpoint, status=405)
|
||
|
assert requests_post.call_count == 0
|
||
|
|
||
|
|
||
|
def test_solis_link_infos_unlink(app, solis):
|
||
|
# full opened access
|
||
|
api = ApiUser.objects.create(username='all', keytype='', key='')
|
||
|
obj_type = ContentType.objects.get_for_model(solis)
|
||
|
AccessRight.objects.create(codename='can_access', apiuser=api, resource_type=obj_type,
|
||
|
resource_pk=solis.pk)
|
||
|
|
||
|
# link
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.post') as requests_post:
|
||
|
endpoint = utils.generic_endpoint_url('solis', 'apa-link', slug=solis.slug)
|
||
|
for params in (None, '', []):
|
||
|
resp = app.post_json(endpoint, params=params, status=200)
|
||
|
assert requests_post.call_count == 0
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'payload is not a JSON dict' in resp.json['err_desc']
|
||
|
|
||
|
for params in ({}, {'user_id': 'x'}, {'code': 'x'}, {'foo': 'bar'}):
|
||
|
resp = app.post_json(endpoint, params=params, status=200)
|
||
|
assert requests_post.call_count == 0
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'missing name_id' in resp.json['err_desc']
|
||
|
params['name_id'] = 'xx'
|
||
|
resp = app.post_json(endpoint, params=params, status=200)
|
||
|
assert requests_post.call_count == 0
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'missing user_id/code credentials' in resp.json['err_desc']
|
||
|
|
||
|
requests_post.return_value = utils.FakedResponse(content=APATOKEN_403, status_code=403)
|
||
|
resp = app.post_json(endpoint,
|
||
|
params={'user_id': 'x', 'code': 'x', 'name_id': NAMEID},
|
||
|
status=200)
|
||
|
assert requests_post.call_count == 1
|
||
|
assert resp.json['err'] == 1
|
||
|
assert 'invalid credentials' in resp.json['err_desc']
|
||
|
|
||
|
assert SolisAPALink.objects.count() == 0
|
||
|
|
||
|
requests_post.return_value = utils.FakedResponse(content=APATOKEN, status_code=200)
|
||
|
resp = app.post_json(endpoint,
|
||
|
params={'name_id': NAMEID, 'user_id': '42', 'code': 'foo'},
|
||
|
status=200)
|
||
|
assert requests_post.call_count == 2
|
||
|
assert resp.json['err'] == 0
|
||
|
assert resp.json['data']['user_id'] == '42'
|
||
|
assert resp.json['data']['created']
|
||
|
assert not resp.json['data']['updated']
|
||
|
assert SolisAPALink.objects.count() == 1
|
||
|
assert SolisAPALink.objects.first().name_id == NAMEID
|
||
|
assert SolisAPALink.objects.first().user_id == '42'
|
||
|
assert SolisAPALink.objects.first().code == 'foo'
|
||
|
|
||
|
resp = app.post_json(endpoint,
|
||
|
params={'name_id': NAMEID, 'user_id': '53', 'code': 'bar'},
|
||
|
status=200)
|
||
|
assert requests_post.call_count == 3
|
||
|
assert resp.json['err'] == 0
|
||
|
assert resp.json['data']['user_id'] == '53'
|
||
|
assert not resp.json['data']['created']
|
||
|
assert resp.json['data']['updated']
|
||
|
assert SolisAPALink.objects.count() == 1
|
||
|
assert SolisAPALink.objects.first().name_id == NAMEID
|
||
|
assert SolisAPALink.objects.first().user_id == '53'
|
||
|
assert SolisAPALink.objects.first().code == 'bar'
|
||
|
|
||
|
# get informations from linked user
|
||
|
for apa_endpoint in APAINFOS:
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.get') as requests_get:
|
||
|
with mock.patch('passerelle.utils.LoggedRequest.post') as requests_post:
|
||
|
requests_post.return_value = utils.FakedResponse(content=APATOKEN, status_code=200)
|
||
|
|
||
|
endpoint = utils.generic_endpoint_url('solis', apa_endpoint, slug=solis.slug)
|
||
|
resp = app.get(endpoint, status=400) # missing name_id
|
||
|
assert resp.json['err'] == 1
|
||
|
|
||
|
endpoint += '?name_id=%s' % NAMEID
|
||
|
requests_get.return_value = utils.FakedResponse(content=APAINFOS[apa_endpoint],
|
||
|
status_code=200)
|
||
|
resp = app.get(endpoint, status=200)
|
||
|
assert requests_post.call_count == 1 # get a token
|
||
|
assert requests_get.call_count == 1 # get informations
|
||
|
assert resp.json['err'] == 0
|
||
|
assert resp.json['data']
|
||
|
|
||
|
# solis api crash
|
||
|
requests_get.return_value = utils.FakedResponse(content='boum',
|
||
|
status_code=500)
|
||
|
resp = app.get(endpoint, status=200)
|
||
|
assert requests_post.call_count == 2 # get a token
|
||
|
assert requests_get.call_count == 2 # get informations
|
||
|
assert resp.json['err'] == 1
|
||
|
assert not resp.json['data']
|
||
|
assert resp.json['err_desc'].startswith('unknown error status:500')
|
||
|
|
||
|
# unlink
|
||
|
endpoint = utils.generic_endpoint_url('solis', 'apa-unlink', slug=solis.slug)
|
||
|
resp = app.get(endpoint, status=400) # missing name_id
|
||
|
assert resp.json['err'] == 1
|
||
|
|
||
|
endpoint += '?name_id=%s' % NAMEID
|
||
|
resp = app.get(endpoint, status=200)
|
||
|
assert resp.json['err'] == 0
|
||
|
assert resp.json['data'] == {'deleted': True}
|
||
|
assert SolisAPALink.objects.count() == 0
|
||
|
|
||
|
# get informations from unlinked user
|
||
|
endpoint = utils.generic_endpoint_url('solis', 'apa-user-info', slug=solis.slug)
|
||
|
endpoint += '?name_id=%s' % NAMEID
|
||
|
resp = app.get(endpoint, status=404)
|
||
|
assert resp.json['err'] == 1
|