hobo_notify: create roles without backoffice access (#76756) #248
|
@ -53,6 +53,7 @@ def test_roles_edit(pub):
|
|||
create_superuser(pub)
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='foobar')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
app = login(get_app(pub))
|
||||
|
|
|
@ -811,23 +811,23 @@ def test_settings_permissions(pub):
|
|||
|
||||
app = login(get_app(pub))
|
||||
resp = app.get('/backoffice/settings/admin-permissions')
|
||||
# assert all first checkboxes are checked
|
||||
assert resp.forms[0]['permissions$c-0-0'].checked
|
||||
assert resp.forms[0]['permissions$c-1-0'].checked
|
||||
assert resp.forms[0]['permissions$c-2-0'].checked
|
||||
# assert all first checkboxes are unchecked
|
||||
assert not resp.forms[0]['permissions$c-0-0'].checked
|
||||
assert not resp.forms[0]['permissions$c-1-0'].checked
|
||||
assert not resp.forms[0]['permissions$c-2-0'].checked
|
||||
|
||||
role2.allows_backoffice_access = False
|
||||
role2.allows_backoffice_access = True
|
||||
role2.store()
|
||||
resp = app.get('/backoffice/settings/admin-permissions')
|
||||
assert resp.forms[0]['permissions$c-0-0'].checked
|
||||
assert not resp.forms[0]['permissions$c-1-0'].checked
|
||||
assert resp.forms[0]['permissions$c-2-0'].checked
|
||||
assert not resp.forms[0]['permissions$c-0-0'].checked
|
||||
assert resp.forms[0]['permissions$c-1-0'].checked
|
||||
assert not resp.forms[0]['permissions$c-2-0'].checked
|
||||
|
||||
resp.forms[0]['permissions$c-0-0'].checked = False
|
||||
resp.forms[0]['permissions$c-1-0'].checked = True
|
||||
resp.forms[0]['permissions$c-0-0'].checked = True
|
||||
resp.forms[0]['permissions$c-1-0'].checked = False
|
||||
resp = resp.forms[0].submit()
|
||||
assert pub.role_class.get(role1.id).allows_backoffice_access is False
|
||||
assert pub.role_class.get(role2.id).allows_backoffice_access is True
|
||||
assert pub.role_class.get(role1.id).allows_backoffice_access is True
|
||||
assert pub.role_class.get(role2.id).allows_backoffice_access is False
|
||||
|
||||
# give some roles access to the forms workshop (2nd checkbox) and to the
|
||||
# workflows workshop (4th)
|
||||
|
|
|
@ -495,6 +495,7 @@ def test_user_forms_categories_filter(pub, local_user):
|
|||
def test_user_forms_from_agent(pub, local_user, access, auth):
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='Foo bar')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
agent_user = get_publisher().user_class()
|
||||
|
@ -581,6 +582,7 @@ def test_user_forms_api_access_restrict_to_anonymised_data(pub, local_user, acce
|
|||
def test_user_forms_include_accessible(pub, local_user, access):
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='Foo bar')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
another_user = get_publisher().user_class()
|
||||
|
|
|
@ -75,6 +75,7 @@ def create_user(pub, is_admin=False):
|
|||
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='foobar')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
user1.roles = [role.id]
|
||||
|
@ -1789,6 +1790,7 @@ def test_backoffice_handling_post_dispatch(pub):
|
|||
# by an user with that role.
|
||||
user1 = create_user(pub)
|
||||
role = pub.role_class(name='foobaz')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
user1.roles = [role.id]
|
||||
user1.store()
|
||||
|
|
|
@ -5540,6 +5540,7 @@ def test_form_worklow_comments_on_same_status(pub):
|
|||
user = create_user(pub)
|
||||
|
||||
role = pub.role_class(name='xxx')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
user.roles = [role.id]
|
||||
user.store()
|
||||
|
@ -7828,6 +7829,7 @@ def test_manager_public_access(pub):
|
|||
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='xxx')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
manager.is_admin = False
|
||||
|
|
|
@ -987,6 +987,7 @@ def test_formdata_generated_document_in_private_history(pub):
|
|||
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='xxx')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
user.roles = [role.id]
|
||||
|
|
|
@ -52,6 +52,7 @@ def teardown_module(module):
|
|||
def role(pub):
|
||||
pub.role_class.wipe()
|
||||
role = pub.role_class(name='foobar')
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
return role
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ coucou = 1234
|
|||
pub.role_class.wipe()
|
||||
r = pub.role_class(name='Service étt civil')
|
||||
r.slug = 'service-ett-civil'
|
||||
r.allows_backoffice_access = False
|
||||
r.store()
|
||||
|
||||
return pub
|
||||
|
@ -72,6 +73,7 @@ def test_process_notification_role_wrong_audience(pub):
|
|||
assert pub.role_class.select()[0].details is None
|
||||
assert pub.role_class.select()[0].emails is None
|
||||
assert pub.role_class.select()[0].emails_to_members is False
|
||||
assert pub.role_class.select()[0].allows_backoffice_access is False
|
||||
CmdHoboNotify.process_notification(notification)
|
||||
assert pub.role_class.count() == 1
|
||||
assert pub.role_class.select()[0].name == 'Service étt civil'
|
||||
|
@ -79,6 +81,7 @@ def test_process_notification_role_wrong_audience(pub):
|
|||
assert pub.role_class.select()[0].details is None
|
||||
assert pub.role_class.select()[0].emails is None
|
||||
assert pub.role_class.select()[0].emails_to_members is False
|
||||
assert pub.role_class.select()[0].allows_backoffice_access is False
|
||||
|
||||
|
||||
def test_process_notification_role(pub):
|
||||
|
@ -116,6 +119,7 @@ def test_process_notification_role(pub):
|
|||
assert pub.role_class.select()[0].details is None
|
||||
assert pub.role_class.select()[0].emails is None
|
||||
assert pub.role_class.select()[0].emails_to_members is False
|
||||
assert pub.role_class.select()[0].allows_backoffice_access is False
|
||||
existing_role_id = pub.role_class.select()[0].id
|
||||
CmdHoboNotify.process_notification(notification)
|
||||
assert pub.role_class.count() == 2
|
||||
|
@ -126,6 +130,7 @@ def test_process_notification_role(pub):
|
|||
assert old_role.details == "Rôle du service état civil"
|
||||
assert old_role.emails == ['etat-civil@example.com']
|
||||
assert old_role.emails_to_members is True
|
||||
assert old_role.allows_backoffice_access is False
|
||||
new_role = pub.role_class.get_on_index(uuid1, 'uuid')
|
||||
assert new_role.id == uuid1
|
||||
assert new_role.name == 'Service enfance'
|
||||
|
@ -134,6 +139,7 @@ def test_process_notification_role(pub):
|
|||
assert new_role.details == "Rôle du service petite enfance"
|
||||
assert new_role.emails == ['petite-enfance@example.com']
|
||||
assert new_role.emails_to_members is False
|
||||
assert new_role.allows_backoffice_access is False
|
||||
notification = {
|
||||
'@type': 'provision',
|
||||
'audience': ['test'],
|
||||
|
@ -162,6 +168,18 @@ def test_process_notification_role(pub):
|
|||
assert pub.role_class.select()[0].details is None
|
||||
assert pub.role_class.select()[0].emails == ['petite-enfance@example.com']
|
||||
assert pub.role_class.select()[0].emails_to_members is True
|
||||
assert pub.role_class.select()[0].allows_backoffice_access is False
|
||||
|
||||
role = pub.role_class.select()[0]
|
||||
role.allows_backoffice_access = True
|
||||
role.store()
|
||||
|
||||
CmdHoboNotify.process_notification(notification)
|
||||
assert pub.role_class.count() == 1
|
||||
pub.role_class.select()[0].refresh_from_storage()
|
||||
assert pub.role_class.select()[0].name == 'Service enfance'
|
||||
assert pub.role_class.select()[0].slug == 'service-enfance'
|
||||
assert pub.role_class.select()[0].allows_backoffice_access is True
|
||||
|
||||
|
||||
def test_process_notification_internal_role(pub):
|
||||
|
@ -189,6 +207,7 @@ def test_process_notification_internal_role(pub):
|
|||
assert pub.role_class.count() == 1
|
||||
role = pub.role_class.select()[0]
|
||||
assert role.is_internal()
|
||||
assert role.allows_backoffice_access is False
|
||||
|
||||
|
||||
def test_process_notification_role_description(pub):
|
||||
|
|
|
@ -125,7 +125,6 @@ class CmdHoboNotify(Command):
|
|||
role.emails_to_members = emails_to_members
|
||||
if role.slug.startswith('_'):
|
||||
role.internal = True
|
||||
role.allows_backoffice_access = False
|
||||
role.store()
|
||||
elif action == 'deprovision':
|
||||
# Deprovision
|
||||
|
|
|
@ -38,7 +38,7 @@ class Role(StorableObject):
|
|||
details = None
|
||||
emails = None
|
||||
emails_to_members = False
|
||||
allows_backoffice_access = True
|
||||
allows_backoffice_access = False
|
||||
|
||||
TEXT_ATTRIBUTES = ['name', 'uuid', 'slug', 'details', 'emails']
|
||||
BOOLEAN_ATTRIBUTES = ['internal', 'emails_to_members', 'allows_backoffice_access']
|
||||
|
|
Loading…
Reference in New Issue