do not anonymise agents in evolutions (#11432)
It allows making statistics on agents.
This commit is contained in:
parent
5f1c14ce9c
commit
b2c0150d1c
|
@ -62,6 +62,19 @@ def local_user():
|
|||
user.store()
|
||||
return user
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def admin_user():
|
||||
get_publisher().user_class.wipe()
|
||||
user = get_publisher().user_class()
|
||||
user.name = 'John Doe Admin'
|
||||
user.email = 'john.doe@example.com'
|
||||
user.name_identifiers = ['0123456789']
|
||||
user.is_admin = True
|
||||
user.store()
|
||||
return user
|
||||
|
||||
|
||||
def sign_uri(uri, user=None):
|
||||
timestamp = datetime.datetime.utcnow().isoformat()[:19] + 'Z'
|
||||
scheme, netloc, path, params, query, fragment = urlparse.urlparse(uri)
|
||||
|
@ -1125,7 +1138,7 @@ def test_api_list_formdata(pub, local_user):
|
|||
resp = get_app(pub).get(sign_uri('/api/forms/test/list?filter=all', user=local_user))
|
||||
assert len(resp.json) == 30
|
||||
|
||||
def test_api_anonymized_formdata(pub, local_user):
|
||||
def test_api_anonymized_formdata(pub, local_user, admin_user):
|
||||
Role.wipe()
|
||||
role = Role(name='test')
|
||||
role.store()
|
||||
|
@ -1166,7 +1179,12 @@ def test_api_anonymized_formdata(pub, local_user):
|
|||
if i%3 == 0:
|
||||
formdata.jump_status('new')
|
||||
else:
|
||||
formdata.jump_status('finished')
|
||||
evo = Evolution()
|
||||
evo.who = admin_user.id
|
||||
evo.time = time.localtime()
|
||||
evo.status = 'wf-%s' % 'finished'
|
||||
formdata.evolution.append(evo)
|
||||
formdata.status = evo.status
|
||||
formdata.store()
|
||||
|
||||
# check access is granted even if the user has not the appropriate role
|
||||
|
@ -1183,6 +1201,12 @@ def test_api_anonymized_formdata(pub, local_user):
|
|||
assert 'status' in resp.json[0]['evolution'][0]
|
||||
assert not 'who' in resp.json[0]['evolution'][0]
|
||||
assert 'time' in resp.json[0]['evolution'][0]
|
||||
# check evolution made by other than _submitter are exported
|
||||
assert 'who' in resp.json[1]['evolution'][1]
|
||||
assert 'id' in resp.json[1]['evolution'][1]['who']
|
||||
assert 'email' in resp.json[1]['evolution'][1]['who']
|
||||
assert 'NameID' in resp.json[1]['evolution'][1]['who']
|
||||
assert 'name' in resp.json[1]['evolution'][1]['who']
|
||||
|
||||
# check access is granted event if there is no user
|
||||
resp = get_app(pub).get(sign_uri('/api/forms/test/list?anonymise&full=on'))
|
||||
|
@ -1199,7 +1223,7 @@ def test_api_anonymized_formdata(pub, local_user):
|
|||
assert not 'who' in resp.json[0]['evolution'][0]
|
||||
assert 'time' in resp.json[0]['evolution'][0]
|
||||
# check anonymise is enforced on detail view
|
||||
resp = get_app(pub).get(sign_uri('/api/forms/%s/?anonymise&full=on' % resp.json[0]['id']))
|
||||
resp = get_app(pub).get(sign_uri('/api/forms/%s/?anonymise&full=on' % resp.json[1]['id']))
|
||||
assert 'receipt_time' in resp.json
|
||||
assert 'fields' in resp.json
|
||||
assert 'user' not in resp.json
|
||||
|
@ -1211,6 +1235,12 @@ def test_api_anonymized_formdata(pub, local_user):
|
|||
assert 'status' in resp.json['evolution'][0]
|
||||
assert not 'who' in resp.json['evolution'][0]
|
||||
assert 'time' in resp.json['evolution'][0]
|
||||
# check evolution made by other than _submitter are exported
|
||||
assert 'who' in resp.json['evolution'][1]
|
||||
assert 'id' in resp.json['evolution'][1]['who']
|
||||
assert 'email' in resp.json['evolution'][1]['who']
|
||||
assert 'NameID' in resp.json['evolution'][1]['who']
|
||||
assert 'name' in resp.json['evolution'][1]['who']
|
||||
|
||||
def test_roles(pub, local_user):
|
||||
Role.wipe()
|
||||
|
|
|
@ -158,17 +158,17 @@ class Evolution(object):
|
|||
}
|
||||
if self.status:
|
||||
data['status'] = self.status[3:]
|
||||
if not anonymise:
|
||||
if self.who != '_submitter':
|
||||
try:
|
||||
if self.who != '_submitter':
|
||||
user = get_publisher().user_class.get(self.who)
|
||||
user = get_publisher().user_class.get(self.who)
|
||||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
if user:
|
||||
data['who'] = user.get_json_export_dict()
|
||||
if self.comment:
|
||||
data['comment'] = self.comment
|
||||
data['who'] = user.get_json_export_dict()
|
||||
elif not anonymise and user:
|
||||
data['who'] = user.get_json_export_dict()
|
||||
if self.comment and not anonymise:
|
||||
data['comment'] = self.comment
|
||||
parts = []
|
||||
for part in self.parts or []:
|
||||
if hasattr(part, 'get_json_export_dict'):
|
||||
|
|
Loading…
Reference in New Issue