Add Unit tests

2025-08-22 09:11:04 +02:00 · 2024-12-13 12:29:08 -07:00 · 2024-12-13 12:29:08 -07:00 · c551a60e3a
commit c551a60e3a
parent 24480ec434
5 changed files with 174 additions and 6 deletions
--- a/src/registrar/tests/test_views_portfolio.py
+++ b/src/registrar/tests/test_views_portfolio.py
@ -2642,3 +2642,170 @@ class TestPortfolioInviteNewMemberView(TestWithUser, WebTest):
        # Validate Database has not changed
        invite_count_after = PortfolioInvitation.objects.count()
        self.assertEqual(invite_count_after, invite_count_before)
+
+
+class TestEditPortfolioMemberView(WebTest):
+
+    def setUp(self):
+        self.user = create_user()
+        # Create Portfolio
+        self.portfolio = Portfolio.objects.create(creator=self.user, organization_name="Test Portfolio")
+
+        # Add an invited member who has been invited to manage domains
+        self.invited_member_email = "invited@example.com"
+        self.invitation = PortfolioInvitation.objects.create(
+            email=self.invited_member_email,
+            portfolio=self.portfolio,
+            roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER],
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_MEMBERS,
+            ],
+        )
+
+        # Assign permissions to the user making requests
+        UserPortfolioPermission.objects.create(
+            user=self.user,
+            portfolio=self.portfolio,
+            roles=[UserPortfolioRoleChoices.ORGANIZATION_ADMIN],
+            additional_permissions=[
+                UserPortfolioPermissionChoices.VIEW_MEMBERS,
+                UserPortfolioPermissionChoices.EDIT_MEMBERS,
+            ],
+        )
+
+    def tearDown(self):
+        PortfolioInvitation.objects.all().delete()
+        UserPortfolioPermission.objects.all().delete()
+        Portfolio.objects.all().delete()
+        User.objects.all().delete()
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=True)
+    def test_edit_member_permissions_basic_to_admin(self):
+        """Tests converting a basic member to admin with full permissions."""
+        self.client.force_login(self.user)
+        
+        # Create a basic member to edit
+        basic_member = create_test_user()
+        basic_permission = UserPortfolioPermission.objects.create(
+            user=basic_member,
+            portfolio=self.portfolio,
+            roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER],
+            additional_permissions=[UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS]
+        )
+
+        response = self.client.post(
+            reverse("member-permissions", kwargs={"pk": basic_permission.id}),
+            {
+                "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
+                "domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS,
+                "member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS,
+            }
+        )
+
+        # Verify redirect and success message
+        self.assertEqual(response.status_code, 302)
+        
+        # Verify database changes
+        basic_permission.refresh_from_db()
+        self.assertEqual(basic_permission.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
+        # We expect view permissions to be added automagically
+        self.assertEqual(
+            set(basic_permission.additional_permissions),
+            {
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+                UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+                UserPortfolioPermissionChoices.EDIT_MEMBERS,
+                UserPortfolioPermissionChoices.VIEW_MEMBERS,
+            }
+        )
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=True)
+    def test_edit_member_permissions_validation(self):
+        """Tests form validation for required fields based on role."""
+        self.client.force_login(self.user)
+        
+        member = create_test_user()
+        permission = UserPortfolioPermission.objects.create(
+            user=member,
+            portfolio=self.portfolio,
+            roles=[UserPortfolioRoleChoices.ORGANIZATION_MEMBER]
+        )
+
+        # Test missing required admin permissions
+        response = self.client.post(
+            reverse("member-permissions", kwargs={"pk": permission.id}),
+            {
+                "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
+                # Missing required admin fields
+            }
+        )
+
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(
+            response.context["form"].errors["domain_request_permission_admin"][0],
+            "Admin domain request permission is required"
+        )
+        self.assertEqual(
+            response.context["form"].errors["member_permission_admin"][0],
+            "Admin member permission is required"
+        )
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=True)
+    def test_edit_invited_member_permissions(self):
+        """Tests editing permissions for an invited (but not yet joined) member."""
+        self.client.force_login(self.user)
+        
+        # Test updating invitation permissions
+        response = self.client.post(
+            reverse("invitedmember-permissions", kwargs={"pk": self.invitation.id}),
+            {
+                "role": UserPortfolioRoleChoices.ORGANIZATION_ADMIN,
+                "domain_request_permission_admin": UserPortfolioPermissionChoices.EDIT_REQUESTS,
+                "member_permission_admin": UserPortfolioPermissionChoices.EDIT_MEMBERS,
+            }
+        )
+
+        self.assertEqual(response.status_code, 302)
+        
+        # Verify invitation was updated
+        self.invitation.refresh_from_db()
+        self.assertEqual(self.invitation.roles, [UserPortfolioRoleChoices.ORGANIZATION_ADMIN])
+        self.assertEqual(
+            set(self.invitation.additional_permissions),
+            {
+                UserPortfolioPermissionChoices.EDIT_REQUESTS,
+                UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+                UserPortfolioPermissionChoices.EDIT_MEMBERS,
+                UserPortfolioPermissionChoices.VIEW_MEMBERS,
+            }
+        )
+
+    @less_console_noise_decorator
+    @override_flag("organization_feature", active=True)
+    @override_flag("organization_members", active=True)
+    def test_admin_removing_own_admin_role(self):
+        """Tests an admin removing their own admin role redirects to home."""
+        self.client.force_login(self.user)
+        
+        # Get the user's admin permission
+        admin_permission = UserPortfolioPermission.objects.get(
+            user=self.user,
+            portfolio=self.portfolio
+        )
+
+        response = self.client.post(
+            reverse("member-permissions", kwargs={"pk": admin_permission.id}),
+            {
+                "role": UserPortfolioRoleChoices.ORGANIZATION_MEMBER,
+                "domain_request_permission_member": UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
+            }
+        )
+
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response["Location"], reverse("home"))