2017-10-11 09:15:38 +02:00
import pytest
import mock
import utils
from django . contrib . contenttypes . models import ContentType
from passerelle . apps . solis . models import Solis , SolisAPALink
from passerelle . base . models import ApiUser , AccessRight
NAMEID = ' bebe '
APATOKEN = ''' { " token " : " 1c2562e6-b0a9-4bcf-b669-e33a42397147 " , " endDate " : " 2017-10-11T10:22:40.342 " } '''
APATOKEN_403 = ''' [ { " logref " : " db15cb8a-4d05-4e4f-b4e1-44ec39dc11e3 " , " message " : " Erreur d ' authentification m \xc3 \xa9 tier ASG APA: Code confidentiel non valide pour l ' individu 2823255 " , " links " :[]}] '''
APAINFOS = {
2017-10-15 18:07:04 +02:00
' exportDonneesIndividu ' : ' { " individu " : { " civilite " : " Mme " , " nomUsuel " : " PYPPENNE " , " nomNaissance " : " NPYNEZ " , " prenom " : " Pecile " , " dateNaissance " : " 1922-12-17 " , " contact " : { " telephone " : " 0344480774 " , " mail " : " " }, " adresse " : { " complementDestinataire " : " compl dest " , " numeroLieu " : " 38 " , " natureLieu " :null, " nomLieu " : " RUE MARTIN " , " complementLieu " : " MARPA LES NACRES - APPARTEMENT 9 " , " finLieu " : " fin adresse " , " codePostal " : " 80370 " , " commune " : " BERNAVILLE " }, " tutelles " : { " tutelle " :[ { " type " : " Organisme " , " identite " : " Association Tut \xc3 \xa9 laire de la Somme " , " mesure " :null, " natureAccord " : " Juridique " , " dateEffet " : " 2014-01-01 " , " dateFin " :null, " adresse " : { " numeroLieu " : " 21 " , " natureLieu " :null, " nomLieu " : " RUE SULLY " , " complementLieu " : " BP 11660 " , " finLieu " : " " , " codePostal " : " 80016 " , " commune " : " AMIENS " , " cedex " : " 1 " }}, { " type " : " Individu/Particulier " , " identite " : " Ehmet TYEP " , " mesure " : " Curatelle simple " , " natureAccord " : " Juridique " , " dateEffet " : " 2017-01-01 " , " dateFin " : " 2017-12-31 " , " adresse " : { " numeroLieu " : " 89 " , " natureLieu " :null, " nomLieu " : " AVENUE LEON BLUM " , " complementLieu " : " " , " finLieu " : " " , " codePostal " : " 80100 " , " commune " : " ABBEVILLE " , " cedex " : " " }}, { " type " : " Individu/Particulier " , " identite " : " Esg TYTEYP PE PEPPOXE OEX " , " mesure " :null, " natureAccord " :null, " dateEffet " :null, " dateFin " :null, " adresse " : { " numeroLieu " : " 1 " , " natureLieu " :null, " nomLieu " : " BOULEVARD DU PORT " , " complementLieu " : " CAD " , " finLieu " : " " , " codePostal " : " 80000 " , " commune " : " AMIENS " , " cedex " : " " }}]}, " apa " : { " classotheque " : " 05-2834 " , " centreAutonomie " : " Centre Autonomie nord ouest " }}} ' ,
' consultationDeMesDroits ' : ' { " demandeAsg " :[ { " demande " : { " type " : " Allocation Personnalis \xc3 \xa9 e Autonomie " , " nature " : " Domicile " }, " droit " : { " dateDebut " : " 2017-01-05 " , " dateFin " : " 2019-01-31 " }, " complementDossier " : { " dateDepot " : " 2016-11-15 " , " dateArrivee " : " 2016-11-16 " , " dateDossierComplet " : " 2016-11-17 " }, " gir " : { " type " : " Synth \xc3 \xa8 se " , " gir " :3, " dateEvaluation " : " 2017-02-01 " }, " suivi " : { " instructeur " : { " civilite " : " madame " , " nom " : " ZEPEQPE " , " prenom " : " EPOZOE " , " telephone " : " 0344974383 " , " mail " : " e.zepeqpe@xoppe.pp " }, " dateDecision " : " 2017-01-05 " }, " bilan " : { " pourcentageTM " :2.1973443031311035}, " prestationAccordeeAsg " :[ { " prestation " : " Accueil de jour GIR 1-2 " , " periode " : { " dateEffet " : " 2017-01-05 " , " dateFin " : " 2019-01-31 " }, " tiers " : { " type " : " Ind \xc3 \xa9 termin \xc3 \xa9 " , " identite " :null, " tarif " :null, " quantitatif " :null}, " quantite " :0, " montant " : { " accorde " :0, " participation " :0, " verse " :0}, " attributaire " : { " type " : " Tuteur " , " identite " : " Association Tut \xc3 \xa9 laire de la Somme " }}, { " prestation " : " Articles d \' hygi \xc3 \xa8 ne forfait 45 \xc2 \x80 " , " periode " : { " dateEffet " : " 2017-01-05 " , " dateFin " :null}, " tiers " : { " type " : " Ind \xc3 \xa9 termin \xc3 \xa9 " , " identite " :null, " tarif " :45, " quantitatif " : " Mois " }, " quantite " :1, " montant " : { " accorde " :45, " participation " :1.68, " verse " :43.32}, " attributaire " : { " type " : " B \xc3 \xa9 n \xc3 \xa9 ficiaire " , " identite " : " PYPPENNE Pecile " }}, { " prestation " : " Petite structure " , " periode " : { " dateEffet " : " 2017-01-05 " , " dateFin " : " 2019-01-31 " }, " tiers " : { " type " : " Etablissement " , " identite " : " MARPA LES NACRES " , " tarif " :null, " quantitatif " :null}, " quantite " :0, " montant " : { " accorde " :440.42, " participation " :7.68, " verse " :432.74}, " attributaire " : { " type " : " Etablissement " , " identite " : " MARPA LES NACRES " }}, { " prestation " : " Aide humaine prestataire " , " periode " : { " dateEffet " : " 2017-01-05 " , " dateFin " : " 2019-01-31 " }, " tiers " : { " type " : " Prestataire " , " identite " : " COMMUNAUTE DE COMMUNES DU TERRITOIRE NORD PICARDIE BERNAVILLE " , " tarif " :19, " quantitatif " : " Heure(s) " }, " quantite " :45.5, " montant " : { " accorde " :864.5, " participation " :18.93, " verse " :845.57}, " attributaire " : { " type " : " Prestataire " , " identite " : " COMMUNAUTE DE COMMUNES DU TERRITOIRE NORD PICARDIE BERNAVILLE " }}, { " prestation " : " Articles d \' hygi \xc3 \xa8 ne forfait 90 \xc2 \x80 " , " periode " : { " dateEffet " : " 2017-01-05 " , " dateFin " :null}, " tiers " : { " type " : " Ind \xc3 \xa9 termin \xc3 \xa9 " , " identite " :null, " tarif " :90, " quantitatif " : " Mois " }, " quantite " :1, " montant " : { " accorde " :90, " participation " :3.35, " verse " :86.65}, " attributaire " : { " type " : " B \xc3 \xa9 n \xc3 \xa9 ficiaire " , " identite " : " PYPPENNE Pecile " }}]}]} ' ,
' suiviDemandeEnInstruction ' : ' { " demandeAsg " :[]} ' ,
' suiviDemandeHistorique ' : ' { " demandeAsg " :[ { " demande " : { " type " : " Allocation Personnalis \xc3 \xa9 e Autonomie " , " nature " : " Domicile " }, " droit " : { " dateDebut " : " 2013-03-01 " , " dateFin " : " 2013-06-19 " }, " complementDossier " : { " dateArrivee " :null, " dateDossierComplet " : " 2012-10-25 " }, " suivi " : { " decision " : " Accord " , " dateDecision " : " 2013-02-12 " }}, { " demande " : { " type " : " Allocation Personnalis \xc3 \xa9 e Autonomie " , " nature " : " Domicile " }, " droit " : { " dateDebut " : " 2013-06-20 " , " dateFin " : " 2016-03-31 " }, " complementDossier " : { " dateArrivee " :null, " dateDossierComplet " : " 2012-10-25 " }, " suivi " : { " decision " : " Accord " , " dateDecision " : " 2013-06-25 " }}, { " demande " : { " type " : " Allocation Personnalis \xc3 \xa9 e Autonomie " , " nature " : " Domicile " }, " droit " : { " dateDebut " : " 2016-04-01 " , " dateFin " : " 2017-01-04 " }, " complementDossier " : { " dateArrivee " : " 2016-06-06 " , " dateDossierComplet " : " 2016-06-06 " }, " suivi " : { " decision " : " Accord " , " dateDecision " : " 2016-06-14 " }}]} ' ,
2017-10-11 09:15:38 +02:00
}
@pytest.fixture
def solis ( db ) :
return Solis . objects . create ( slug = ' test ' ,
service_url = ' https://solis.example.net/solisapi/ ' ,
username = ' usertest ' ,
password = ' userpass ' )
def test_solis_restricted_access ( app , solis ) :
2017-10-15 18:07:04 +02:00
for service in ( ' apa-link ' , ' apa-unlink ' ) :
endpoint = utils . generic_endpoint_url ( ' solis ' , service , slug = solis . slug )
assert endpoint == ' /solis/test/ %s ' % service
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post :
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get :
2017-10-15 18:07:04 +02:00
resp = app . post ( endpoint , status = 403 )
assert requests_post . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' PermissionDenied ' in resp . json [ ' err_class ' ]
resp = app . get ( endpoint , status = 405 )
assert requests_get . call_count == 0
for service in ( ' apa-links ' , ' apa-user-info ' , ' apa-users ' ) :
2017-10-11 09:15:38 +02:00
endpoint = utils . generic_endpoint_url ( ' solis ' , service , slug = solis . slug )
assert endpoint == ' /solis/test/ %s ' % service
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get :
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post :
2017-10-11 09:15:38 +02:00
resp = app . get ( endpoint , status = 403 )
assert requests_get . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' PermissionDenied ' in resp . json [ ' err_class ' ]
resp = app . post ( endpoint , status = 405 )
assert requests_post . call_count == 0
def test_solis_link_infos_unlink ( app , solis ) :
# full opened access
api = ApiUser . objects . create ( username = ' all ' , keytype = ' ' , key = ' ' )
obj_type = ContentType . objects . get_for_model ( solis )
AccessRight . objects . create ( codename = ' can_access ' , apiuser = api , resource_type = obj_type ,
resource_pk = solis . pk )
# link
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post : # get solis token
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get : # get solis informations
2017-10-15 18:07:04 +02:00
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-link ' , slug = solis . slug )
for params in ( None , ' ' , [ ] ) :
resp = app . post_json ( endpoint , params = params , status = 200 )
assert requests_post . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' payload is not a JSON dict ' in resp . json [ ' err_desc ' ]
2017-10-11 09:15:38 +02:00
2017-10-15 18:07:04 +02:00
for params in ( { } , { ' user_id ' : ' x ' } , { ' code ' : ' x ' } , { ' foo ' : ' bar ' } ) :
resp = app . post_json ( endpoint , params = params , status = 200 )
assert requests_post . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' missing name_id ' in resp . json [ ' err_desc ' ]
params [ ' name_id ' ] = ' xx '
resp = app . post_json ( endpoint , params = params , status = 200 )
assert requests_post . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' missing user_id/code credentials ' in resp . json [ ' err_desc ' ]
2017-10-11 09:15:38 +02:00
2017-10-15 18:07:04 +02:00
requests_post . return_value = utils . FakedResponse ( content = APATOKEN_403 , status_code = 403 )
resp = app . post_json ( endpoint ,
params = { ' user_id ' : ' x ' , ' code ' : ' x ' , ' name_id ' : NAMEID } ,
status = 200 )
assert requests_post . call_count == 1
assert requests_get . call_count == 0
assert resp . json [ ' err ' ] == 1
assert ' invalid credentials ' in resp . json [ ' err_desc ' ]
assert SolisAPALink . objects . count ( ) == 0
requests_post . return_value = utils . FakedResponse ( content = APATOKEN , status_code = 200 )
requests_get . return_value = utils . FakedResponse ( content = APAINFOS [ ' exportDonneesIndividu ' ] ,
status_code = 200 )
resp = app . post_json ( endpoint ,
params = { ' name_id ' : NAMEID , ' user_id ' : ' 42 ' , ' code ' : ' foo ' } ,
status = 200 )
assert requests_post . call_count == 2
assert requests_get . call_count == 1
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' 42 '
assert resp . json [ ' data ' ] [ ' created ' ]
assert not resp . json [ ' data ' ] [ ' updated ' ]
assert SolisAPALink . objects . count ( ) == 1
assert SolisAPALink . objects . first ( ) . name_id == NAMEID
assert SolisAPALink . objects . first ( ) . user_id == ' 42 '
assert SolisAPALink . objects . first ( ) . code == ' foo '
assert SolisAPALink . objects . first ( ) . text == ' Mme Pecile PYPPENNE (NPYNEZ) '
# change code
resp = app . post_json ( endpoint ,
params = { ' name_id ' : NAMEID , ' user_id ' : ' 42 ' , ' code ' : ' bar ' } ,
status = 200 )
assert requests_post . call_count == 3
assert requests_get . call_count == 2
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' 42 '
assert not resp . json [ ' data ' ] [ ' created ' ]
assert resp . json [ ' data ' ] [ ' updated ' ]
assert SolisAPALink . objects . count ( ) == 1
assert SolisAPALink . objects . first ( ) . name_id == NAMEID
assert SolisAPALink . objects . first ( ) . user_id == ' 42 '
assert SolisAPALink . objects . first ( ) . code == ' bar '
assert SolisAPALink . objects . first ( ) . text == ' Mme Pecile PYPPENNE (NPYNEZ) '
# second link
resp = app . post_json ( endpoint ,
params = { ' name_id ' : NAMEID , ' user_id ' : ' 53 ' , ' code ' : ' bar ' } ,
status = 200 )
assert requests_post . call_count == 4
assert requests_get . call_count == 3
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' 53 '
assert resp . json [ ' data ' ] [ ' created ' ]
assert not resp . json [ ' data ' ] [ ' updated ' ]
assert SolisAPALink . objects . count ( ) == 2
# verify recorded names after link
assert [ x [ ' text ' ] for x in SolisAPALink . objects . values ( ' text ' ) ] == \
[ ' Mme Pecile PYPPENNE (NPYNEZ) ' , ' Mme Pecile PYPPENNE (NPYNEZ) ' ]
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-links ' , slug = solis . slug )
resp = app . get ( endpoint , status = 400 ) # missing name_id
assert resp . json [ ' err ' ] == 1
endpoint + = ' ?name_id= %s ' % NAMEID
resp = app . get ( endpoint , status = 200 )
assert resp . json [ ' err ' ] == 0
assert len ( resp . json [ ' data ' ] ) == 2
assert resp . json [ ' data ' ] [ 0 ] [ ' text ' ] == resp . json [ ' data ' ] [ 1 ] [ ' text ' ] == \
' Mme Pecile PYPPENNE (NPYNEZ) '
# get base informations from a linked user (exportDonneesIndividu)
changed_name = APAINFOS [ ' exportDonneesIndividu ' ] . replace ( ' PYPPENNE ' , ' PEPONE ' )
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get :
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post :
2017-10-15 18:07:04 +02:00
requests_post . return_value = utils . FakedResponse ( content = APATOKEN , status_code = 200 )
requests_get . return_value = utils . FakedResponse ( content = changed_name , status_code = 200 )
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-user-info ' , slug = solis . slug )
endpoint + = ' ?name_id= %s &user_id=42 ' % NAMEID
resp = app . get ( endpoint , status = 200 )
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ] [ ' individu ' ] [ ' nomUsuel ' ] == ' PEPONE '
# user "text" updated in link:
assert SolisAPALink . objects . get ( name_id = NAMEID , user_id = ' 42 ' ) . text == \
' Mme Pecile PEPONE (NPYNEZ) '
# get all kind of informations
2017-10-11 09:15:38 +02:00
for apa_endpoint in APAINFOS :
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get :
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post :
2017-10-11 09:15:38 +02:00
requests_post . return_value = utils . FakedResponse ( content = APATOKEN , status_code = 200 )
2017-10-15 18:07:04 +02:00
endpoint_base = utils . generic_endpoint_url ( ' solis ' , ' apa-user-info ' , slug = solis . slug )
resp = app . get ( endpoint_base , status = 400 ) # missing name_id
2017-10-11 09:15:38 +02:00
assert resp . json [ ' err ' ] == 1
2017-10-15 18:07:04 +02:00
endpoint = endpoint_base + ' ?name_id= %s &user_id=53&information= %s ' % ( NAMEID , apa_endpoint )
2017-10-11 09:15:38 +02:00
requests_get . return_value = utils . FakedResponse ( content = APAINFOS [ apa_endpoint ] ,
status_code = 200 )
resp = app . get ( endpoint , status = 200 )
assert requests_post . call_count == 1 # get a token
assert requests_get . call_count == 1 # get informations
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ]
# solis api crash
requests_get . return_value = utils . FakedResponse ( content = ' boum ' ,
status_code = 500 )
resp = app . get ( endpoint , status = 200 )
assert requests_post . call_count == 2 # get a token
assert requests_get . call_count == 2 # get informations
assert resp . json [ ' err ' ] == 1
assert not resp . json [ ' data ' ]
assert resp . json [ ' err_desc ' ] . startswith ( ' unknown error status:500 ' )
2017-10-15 18:07:04 +02:00
# unknown name_id or user_id
for qs in ( ' name_id= %s &user_id=XXX ' % NAMEID , ' name_id=unlinked&user_id=53 ' ) :
endpoint = endpoint_base + ( ' ?information= %s ' % apa_endpoint ) + ' & ' + qs
resp = app . get ( endpoint , status = 200 )
assert resp . json [ ' err ' ] == 1
assert resp . json [ ' err_desc ' ] == ' unknown link '
assert resp . json [ ' data ' ] is None
# get informations for all users (exportDonneesIndividu)
change_info = APAINFOS [ ' exportDonneesIndividu ' ] . replace ( ' PYPPENNE ' , ' PEPPYNE ' )
2017-12-18 23:53:35 +01:00
with mock . patch ( ' passerelle.utils.Request.get ' ) as requests_get :
with mock . patch ( ' passerelle.utils.Request.post ' ) as requests_post :
2017-10-15 18:07:04 +02:00
requests_post . return_value = utils . FakedResponse ( content = APATOKEN , status_code = 200 )
requests_get . return_value = utils . FakedResponse ( content = change_info , status_code = 200 )
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-users ' , slug = solis . slug )
endpoint + = ' ?name_id= %s ' % NAMEID
resp = app . get ( endpoint , status = 200 )
assert resp . json [ ' err ' ] == 0
assert len ( resp . json [ ' data ' ] ) == 2
assert requests_post . call_count == 2
assert requests_get . call_count == 2
assert set ( [ x [ ' id ' ] for x in resp . json [ ' data ' ] ] ) == set ( [ ' 42 ' , ' 53 ' ] )
assert resp . json [ ' data ' ] [ 0 ] [ ' text ' ] == ' Mme Pecile PEPPYNE (NPYNEZ) '
# user "text" updated in links:
assert [ x [ ' text ' ] for x in SolisAPALink . objects . values ( ' text ' ) ] == \
[ ' Mme Pecile PEPPYNE (NPYNEZ) ' , ' Mme Pecile PEPPYNE (NPYNEZ) ' ]
2017-10-13 17:02:34 +02:00
2017-10-11 09:15:38 +02:00
# unlink
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-unlink ' , slug = solis . slug )
2017-10-15 18:07:04 +02:00
for bad_params in ( { } , { ' user_id ' : ' 42 ' } , { ' name_id ' : NAMEID } ) :
resp = app . post_json ( endpoint , params = bad_params , status = 200 )
assert resp . json [ ' err ' ] == 1
2017-10-11 09:15:38 +02:00
2017-10-15 18:07:04 +02:00
resp = app . post_json ( endpoint , params = { ' user_id ' : ' xxx ' , ' name_id ' : ' xxx ' } , status = 200 )
2017-10-11 09:15:38 +02:00
assert resp . json [ ' err ' ] == 0
2017-10-15 18:07:04 +02:00
assert resp . json [ ' data ' ] [ ' deleted ' ]
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' xxx '
assert SolisAPALink . objects . count ( ) == 2
resp = app . post_json ( endpoint , params = { ' user_id ' : ' 42 ' , ' name_id ' : NAMEID } , status = 200 )
assert resp . json [ ' err ' ] == 0
assert resp . json [ ' data ' ] [ ' deleted ' ]
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' 42 '
assert SolisAPALink . objects . count ( ) == 1
2017-10-11 09:15:38 +02:00
2017-10-13 17:02:34 +02:00
# unlink again, no trouble
2017-10-15 18:07:04 +02:00
resp = app . post_json ( endpoint , params = { ' user_id ' : ' 42 ' , ' name_id ' : NAMEID } , status = 200 )
2017-10-13 17:02:34 +02:00
assert resp . json [ ' err ' ] == 0
2017-10-15 18:07:04 +02:00
assert resp . json [ ' data ' ] [ ' deleted ' ]
assert resp . json [ ' data ' ] [ ' user_id ' ] == ' 42 '
assert SolisAPALink . objects . count ( ) == 1
2017-10-13 17:02:34 +02:00
# can not get informations from unlinked user
2017-10-11 09:15:38 +02:00
endpoint = utils . generic_endpoint_url ( ' solis ' , ' apa-user-info ' , slug = solis . slug )
2017-10-15 18:07:04 +02:00
endpoint + = ' ?name_id= %s &user_id=42 ' % NAMEID
2017-10-13 17:02:34 +02:00
resp = app . get ( endpoint , status = 200 )
2017-10-11 09:15:38 +02:00
assert resp . json [ ' err ' ] == 1
2017-10-15 18:07:04 +02:00
assert resp . json [ ' err_desc ' ] == ' unknown link '
2017-10-13 17:02:34 +02:00
assert resp . json [ ' data ' ] is None