zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-02 07:52:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add unit test + lint

Browse source
This commit is contained in:
zandercymatics 2024-08-08 14:05:05 -06:00
parent ff74e7d6a7
commit 0d2f98e6f1
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
3 changed files with 54 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

48
src/registrar/tests/test_views_portfolio.py
View file

@ -325,3 +325,51 @@ class TestPortfolio(WebTest):
self.assertContains(success_result_page, "6 Downing st")
self.assertContains(success_result_page, "London")
@less_console_noise_decorator
@override_flag("organization_feature", active=True)
def test_org_member_can_only_see_domains_with_appropriate_permissions(self):
"""A user with the role organization_member should not have access to the domains page
if they do not have the right permissions.
"""
# A default organization member should not be able to see any domains
self.app.set_user(self.user.username)
self.user.portfolio = self.portfolio
self.user.portfolio_roles = [UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
self.user.save()
self.user.refresh_from_db()
self.assertFalse(self.user.has_domains_portfolio_permission())
response = self.app.get(reverse("no-portfolio-domains"))
self.assertEqual(response.status_code, 200)
self.assertContains(response, "You arent managing any domains.")
# Test the domains page - this user should not have access
response = self.app.get(reverse("domains"), expect_errors=True)
self.assertEqual(response.status_code, 403)
# Ensure that this user can see domains with the right permissions
self.user.portfolio_additional_permissions = [UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS]
self.user.save()
self.user.refresh_from_db()
self.assertTrue(self.user.has_domains_portfolio_permission())
# Test the domains page - this user should have access
response = self.app.get(reverse("domains"))
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Domain name")
# Test the managed domains permission
self.user.portfolio_additional_permissions = [UserPortfolioPermissionChoices.VIEW_MANAGED_DOMAINS]
self.user.save()
self.user.refresh_from_db()
self.assertTrue(self.user.has_domains_portfolio_permission())
# Test the domains page - this user should have access
response = self.app.get(reverse("domains"))
self.assertEqual(response.status_code, 200)
self.assertContains(response, "Domain name")

5
src/registrar/views/portfolios.py
View file

@ -58,11 +58,12 @@ class PortfolioNoDomainsView(NoPortfolioDomainsPermissionView, View):
portfolio=portfolio,
portfolio_roles__overlap=[
UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY
]
UserPortfolioRoleChoices.ORGANIZATION_ADMIN_READ_ONLY,
],
)
return context
class PortfolioOrganizationView(PortfolioBasePermissionView, FormMixin):
"""
View to handle displaying and updating the portfolio's organization details.

4
src/registrar/views/utility/permission_views.py
View file

@ -213,14 +213,16 @@ class PortfolioDomainsPermissionView(PortfolioDomainsPermission, PortfolioBasePe
`template_name`.
"""
class NoPortfolioDomainsPermissionView(PortfolioBasePermissionView, abc.ABC):
"""Abstract base view for a user without access to the
"""Abstract base view for a user without access to the
portfolio domains views that enforces permissions.
This abstract view cannot be instantiated. Actual views must specify
`template_name`.
"""
class PortfolioDomainRequestsPermissionView(PortfolioDomainRequestsPermission, PortfolioBasePermissionView, abc.ABC):
"""Abstract base view for portfolio domain request views that enforces permissions.