test(project_management): Ensure items returned are from users orgs only for API v2 endpoints

ref: #248 #359 #397

app/project_management/tests/functional/project/test_project_viewset.py

@@ -43,6 +43,8 @@ class ViewSetBase:
 
         different_organization = Organization.objects.create(name='test_different_organization')
 
+        self.different_organization = different_organization
+
 
         view_permissions = Permission.objects.get(
                 codename = 'view_' + self.model._meta.model_name,
@@ -149,6 +151,11 @@ class ViewSetBase:
             name = 'one-add'
         )
 
+        self.other_org_item = self.model.objects.create(
+            organization = self.different_organization,
+            name = 'two-add'
+        )
+
 
         self.url_view_kwargs = {'pk': self.item.id}
 

app/project_management/tests/functional/project_milestone/test_project_milestone_viewset.py

@@ -42,6 +42,8 @@ class ViewSetBase:
 
         different_organization = Organization.objects.create(name='test_different_organization')
 
+        self.different_organization = different_organization
+
 
         view_permissions = Permission.objects.get(
                 codename = 'view_' + self.model._meta.model_name,
@@ -124,6 +126,11 @@ class ViewSetBase:
             name = 'proj milestone test'
         )
 
+        project_b = Project.objects.create(
+            organization = self.different_organization,
+            name = 'proj b milestone test'
+        )
+
 
         self.item = self.model.objects.create(
             organization = self.organization,
@@ -131,6 +138,12 @@ class ViewSetBase:
             project = project
         )
 
+        self.other_org_item = self.model.objects.create(
+            organization = self.different_organization,
+            name = 'two-add',
+            project = project_b
+        )
+
 
         self.url_view_kwargs = {'project_id': project.id, 'pk': self.item.id}
 

app/project_management/tests/functional/project_state/test_project_state_viewset.py

@@ -42,6 +42,8 @@ class ViewSetBase:
 
         different_organization = Organization.objects.create(name='test_different_organization')
 
+        self.different_organization = different_organization
+
 
         view_permissions = Permission.objects.get(
                 codename = 'view_' + self.model._meta.model_name,
@@ -125,6 +127,11 @@ class ViewSetBase:
             name = 'one-add'
         )
 
+        self.other_org_item = self.model.objects.create(
+            organization = self.different_organization,
+            name = 'two-add'
+        )
+
 
         self.url_view_kwargs = {'pk': self.item.id}
 

app/project_management/tests/functional/project_type/test_project_type_viewset.py

@@ -42,6 +42,8 @@ class ViewSetBase:
 
         different_organization = Organization.objects.create(name='test_different_organization')
 
+        self.different_organization = different_organization
+
 
         view_permissions = Permission.objects.get(
                 codename = 'view_' + self.model._meta.model_name,
@@ -125,6 +127,11 @@ class ViewSetBase:
             name = 'one-add'
         )
 
+        self.other_org_item = self.model.objects.create(
+            organization = self.different_organization,
+            name = 'two-add'
+        )
+
 
         self.url_view_kwargs = {'pk': self.item.id}