nofusscomputing/centurion_erp
1
0
Fork 0
Code Issues Wiki Activity

Merge pull request #855 from nofusscomputing/test-get-functional-working

Browse Source
This commit is contained in:
Jon
2025-07-07 00:41:19 +09:30
committed by GitHub
parent 5d8062fcef eeaf3ab5fc
commit 93642ee6a1
57 changed files with 636 additions and 264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
app/access/migrations/0019_companyaudithistory_companycenturionmodelnote.py Normal file
View File

@ -0,0 +1,81 @@
# Generated by Django 5.1.10 on 2025-07-06 10:38
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("access", "0018_remove_entity_is_global_alter_entity_id_and_more"),
("core", "0033_alter_ticketcommentcategory_parent_and_more"),
]
operations = [
migrations.CreateModel(
name="CompanyAuditHistory",
fields=[
(
"centurionaudit_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.centurionaudit",
),
),
(
"model",
models.ForeignKey(
help_text="Model this history belongs to",
on_delete=django.db.models.deletion.CASCADE,
related_name="+",
to="access.company",
verbose_name="Model",
),
),
],
options={
"verbose_name": "Company History",
"verbose_name_plural": "Company Histories",
"db_table": "access_company_audithistory",
"managed": True,
},
bases=("core.centurionaudit",),
),
migrations.CreateModel(
name="CompanyCenturionModelNote",
fields=[
(
"centurionmodelnote_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="core.centurionmodelnote",
),
),
(
"model",
models.ForeignKey(
help_text="Model this note belongs to",
on_delete=django.db.models.deletion.CASCADE,
related_name="+",
to="access.company",
verbose_name="Model",
),
),
],
options={
"verbose_name": "Company Note",
"verbose_name_plural": "Company Notes",
"db_table": "access_company_centurionmodelnote",
"managed": True,
},
bases=("core.centurionmodelnote",),
),
]

5
app/access/mixins/permissions.py
View File

@ -290,6 +290,11 @@ class OrganizationPermissionMixin(
view.model.__name__ == 'AuthToken'
and request._user.id == int(view.kwargs.get('model_id', 0))
)
or ( # org=None is the application wide settings.
view.model.__name__ == 'AppSettings'
and request.user.is_superuser
and obj.organization is None
)
):
return True

0
app/access/viewsets/__init__.py Normal file
View File

5
app/access/viewsets/organization.py
View File

@ -18,7 +18,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create an orgnaization',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=OrganizationViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = TenantViewSerializer
),
201: OpenApiResponse(description='Created', response=TenantViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

4
app/access/viewsets/role.py
View File

@ -17,6 +17,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a Role',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ViewSerializer
),
201: OpenApiResponse(description='Created', response=ViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

7
app/access/viewsets/team.py
View File

@ -25,9 +25,12 @@ from api.viewsets.common import ModelViewSet
location = 'path',
type = int
),
],
],
responses = {
200: OpenApiResponse(description='Allready exists', response=TeamViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = TeamViewSerializer
),
201: OpenApiResponse(description='Created', response=TeamViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

5
app/access/viewsets/team_user.py
View File

@ -29,7 +29,10 @@ from api.viewsets.common import ModelViewSet
),
],
responses = {
# 200: OpenApiResponse(description='Allready exists', response=TeamUserViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = TeamUserViewSerializer
),
201: OpenApiResponse(description='Created', response=TeamUserViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

2
app/api/tests/abstract/api_serializer_viewset.py
View File

@ -75,7 +75,7 @@ class SerializerAdd:
client.force_login(self.add_user)
response = client.post(url, data=self.add_data)
response = client.post(url, data=self.add_data, content_type = 'application/json')
assert str(response.renderer_context['view'].get_serializer().__class__.__name__).endswith('ModelSerializer')

3
app/api/tests/functional/test_functional_permissions_api.py
View File

@ -109,7 +109,8 @@ class APIPermissionAddInheritedCases:
response = client.post(
path = url,
data = kwargs_api_create
data = kwargs_api_create,
content_type = 'application/json'
)
except NoReverseMatch:

86
app/api/viewsets/common.py
View File

@ -41,6 +41,7 @@ class Create(
"""
response = None
instance = None
try:
@ -49,42 +50,77 @@ class Create(
self.model.context['user'] = self.request.user
self.model.context['logging'] = self.get_log()
response = super().create(request = request, *args, **kwargs)
try:
if str(response.status_code).startswith('2'):
response = super().create(request = request, *args, **kwargs)
# Always return using the ViewSerializer
serializer_module = importlib.import_module(self.get_serializer_class().__module__)
except Exception as e:
view_serializer = getattr(serializer_module, self.get_view_serializer_name())
if not isinstance(e, APIException):
if response.data['id'] is not None:
e = self._django_to_api_exception(e)
serializer = view_serializer(
response.data.serializer.instance,
context = {
'request': request,
'view': self,
},
)
if not isinstance(e, rest_framework.exceptions.ValidationError):
serializer_data = serializer.data
raise e
else:
is_unique = False
for field, code in e.get_codes().items():
if 'unique' in code[0]:
is_unique = True
serializer_data = {}
if not is_unique:
raise e
# Mimic ALL details from DRF response except serializer
response = Response(
data = serializer_data,
status = response.status_code,
template_name = response.template_name,
headers = response.headers,
exception = response.exception,
content_type = response.content_type,
)
instance = self.model.objects.get( organization = request.data['organization'])
# Always return using the ViewSerializer
serializer_module = importlib.import_module(self.get_serializer_class().__module__)
view_serializer = getattr(serializer_module, self.get_view_serializer_name())
if(
# response.data['id'] is not None
response is not None
and instance is None
):
instance = response.data.serializer.instance
serializer = view_serializer(
instance,
context = {
'request': request,
'view': self,
},
)
serializer_data = serializer.data
if response is None:
headers = self.get_success_headers(serializer.data)
status_code = rest_framework.status.HTTP_200_OK
else:
headers = response.headers
status_code = response.status_code
# Mimic ALL details from DRF response except serializer
response = Response(
data = serializer_data,
status = status_code,
# template_name = response.template_name,
headers = headers,
# exception = response.exception,
# content_type = response.content_type,
)
except Exception as e:

5
app/assistance/viewsets/knowledge_base.py
View File

@ -15,7 +15,10 @@ from assistance.serializers.knowledge_base import ( # pylint: disable=W0611:u
summary = 'Create a knowledge base article',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=KnowledgeBaseViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = KnowledgeBaseViewSerializer
),
201: OpenApiResponse(description='Created', response=KnowledgeBaseViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

5
app/assistance/viewsets/knowledge_base_category.py
View File

@ -15,7 +15,10 @@ from assistance.serializers.knowledge_base_category import ( # pylint: disabl
summary = 'Create a knowledge base article',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=KnowledgeBaseCategoryViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = KnowledgeBaseCategoryViewSerializer
),
201: OpenApiResponse(description='Created', response=KnowledgeBaseCategoryViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

4
app/assistance/viewsets/model_knowledge_base_article.py
View File

@ -20,6 +20,10 @@ from django.apps import apps
summary = 'Create a knowledge base article',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ModelKnowledgeBaseArticleViewSerializer
),
201: OpenApiResponse(description='Created', response=ModelKnowledgeBaseArticleViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

2
app/config_management/serializers/config_group_software.py
View File

@ -155,7 +155,7 @@ class ConfigGroupSoftwareModelSerializer(
detail = {
'software': 'This software is already assigned to this group'
},
code = 'software_exists'
code = 'unique_software_exists'
)
except self.Meta.model.DoesNotExist as exc:

37
app/config_management/tests/functional/additional_configgroupsoftware_permissions_api.py Normal file
View File

@ -0,0 +1,37 @@
import pytest
from django.test import Client
class AdditionalTestCases:
def test_permission_add(self, model_instance, api_request_permissions,
model_kwargs, kwargs_api_create
):
""" Check correct permission for add
Attempt to add as user with permission
"""
client = Client()
client.force_login( api_request_permissions['user']['add'] )
the_model = model_instance( kwargs_create = model_kwargs )
url = the_model.get_url( many = True )
response = client.post(
path = url,
data = kwargs_api_create,
content_type = 'application/json'
)
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 200, response.content

2
app/config_management/tests/functional/config_groups_software/config_groups_software_serializer.py
View File

@ -118,7 +118,7 @@ class ConfigGroupSoftwareValidationAPI(
serializer.is_valid(raise_exception = True)
assert err.value.get_codes()['software'][0] == 'software_exists'
assert err.value.get_codes()['software'][0] == 'unique_software_exists'

5
app/config_management/viewsets/config_group.py
View File

@ -15,7 +15,10 @@ from config_management.serializers.config_group import ( # pylint: disable=W0
summary = 'Create a config group',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=ConfigGroupViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = ConfigGroupViewSerializer
),
201: OpenApiResponse(description='Created', response=ConfigGroupViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

5
app/config_management/viewsets/config_group_software.py
View File

@ -15,7 +15,10 @@ from config_management.serializers.config_group_software import ( # pylint: d
summary = 'Create a config group software',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=ConfigGroupSoftwareViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = ConfigGroupSoftwareViewSerializer
),
201: OpenApiResponse(description='Created', response=ConfigGroupSoftwareViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

4
app/core/models/meta.py
View File

@ -5,6 +5,10 @@ from django.apps import apps
from django.db import models
from django.utils.module_loading import import_string
# Note: Only included so that it can be picked up.
# in future when model referenced, this include statement may be repoved.
from access.models.company_base import Company # pylint: disable=W0611:unused-import
module_path = f'centurion.models.meta'

11
app/core/tests/unit/centurion_audit_meta/test_unit_meta_audit_history_model.py
View File

@ -111,6 +111,17 @@ class AuditHistoryMetaModelTestCases(
many_field[field] += [ value ]
elif isinstance(value, list):
value_list = []
for list_value in value:
value_list += [ list_value ]
value = value_list
else:
many_field.update({

11
app/core/tests/unit/centurion_model_note_meta/test_unit_meta_model_note_model.py
View File

@ -111,6 +111,17 @@ class ModelNotesMetaModelTestCases(
many_field[field] += [ value ]
elif isinstance(value, list):
value_list = []
for list_value in value:
value_list += [ list_value ]
value = value_list
else:
many_field.update({

5
app/core/viewsets/manufacturer.py
View File

@ -18,7 +18,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a manufacturer',
description='',
responses = {
# 200: OpenApiResponse(description='Allready exists', response=ConfigGroupViewSerializer),
200: OpenApiResponse(
description='Already exists',
response = ManufacturerViewSerializer
),
201: OpenApiResponse(description='Created', response=ManufacturerViewSerializer),
# 400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing add permissions'),

4
app/core/viewsets/ticket_category.py
View File

@ -17,6 +17,10 @@ from core.serializers.ticket_category import ( # pylint: disable=W0611:unused
summary = 'Create a ticket category',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = TicketCategoryViewSerializer
),
201: OpenApiResponse(description='Created', response=TicketCategoryViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

4
app/core/viewsets/ticket_comment_category.py
View File

@ -18,6 +18,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a ticket comment category',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = TicketCommentCategoryViewSerializer
),
201: OpenApiResponse(description='Created', response=TicketCommentCategoryViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

31
app/devops/tests/functional/additional_softwareenablefeatureflag_permissions_api.py
View File

@ -1,10 +1,41 @@
import pytest
from django.test import Client
class AdditionalTestCases:
def test_permission_add(self, model_instance, api_request_permissions,
model_kwargs, kwargs_api_create
):
""" Check correct permission for add
Attempt to add as user with permission
"""
client = Client()
client.force_login( api_request_permissions['user']['add'] )
the_model = model_instance( kwargs_create = model_kwargs )
url = the_model.get_url( many = True )
response = client.post(
path = url,
data = kwargs_api_create,
content_type = 'application/json'
)
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 200, response.content
def test_returned_data_from_user_and_global_organizations_only(
self
):

4
app/devops/tests/functional/software_enable_feature_flag/test_functional_software_enable_feature_flag_serializer.py
View File

@ -106,7 +106,7 @@ class ValidationAPI(
del valid_data['organization']
with pytest.raises(ValidationError) as err:
with pytest.raises(django.core.exceptions.ValidationError) as err:
serializer = ModelSerializer(
context = {
@ -119,4 +119,4 @@ class ValidationAPI(
serializer.is_valid(raise_exception = True)
serializer.save()
assert err.value.get_codes()['organization'] == 'required'
assert err.value.args[0]['organization'][0].code == 'null'

4
app/devops/viewsets/feature_flag.py
View File

@ -18,6 +18,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a Feature Flag',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ViewSerializer
),
201: OpenApiResponse(description='Created', response=ViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

4
app/devops/viewsets/git_group.py
View File

@ -22,6 +22,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a GIT Group',
description='Create',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ViewSerializer
),
201: OpenApiResponse(
description='Created. Will be serialized with the serializer matching the provider.',
response = ViewSerializer

12
app/devops/viewsets/git_repository.py
View File

@ -60,6 +60,18 @@ from api.viewsets.common import (
many = False,
),
responses = {
200: OpenApiResponse(
description='Already exists',
response=PolymorphicProxySerializer(
component_name = 'Git Provider',
serializers=[
GitHubViewSerializer,
GitLabViewSerializer,
],
resource_type_field_name=None,
many = False,
),
),
201: OpenApiResponse(
description='Created. Will be serialized with the serializer matching the provider.',
response=PolymorphicProxySerializer(

4
app/devops/viewsets/software_enable_feature_flag.py
View File

@ -17,6 +17,10 @@ from itam.models.software import Software
summary = 'Enable Feature Flagging for Software',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ViewSerializer
),
201: OpenApiResponse(description='Created', response=ViewSerializer),
403: OpenApiResponse(description='User is missing add permissions'),
}

10
app/fixtures/fresh_db.sql
View File

@ -98,8 +98,8 @@ CREATE TABLE IF NOT EXISTS "devops_git_group_history" ("modelhistory_ptr_id" int
CREATE TABLE IF NOT EXISTS "devops_github_repository_notes" ("modelnotes_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_notes" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "devops_githubrepository" ("gitrepository_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "devops_gitlab_repository_notes" ("modelnotes_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_notes" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "devops_gitlabrepository" ("gitrepository_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "devops_git_group_notes" ("modelnotes_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_notes" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "devops_gitgroup" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_organization_history" ("modelhistory_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_history" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_tenant" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_organization_notes" ("modelnotes_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_notes" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_tenant" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_organization_history" ("modelhistory_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_history" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_tenant" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_company" ("entity_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "access_entity" ("id") DEFERRABLE INITIALLY DEFERRED, "name" varchar(80) NOT NULL);
CREATE TABLE IF NOT EXISTS "access_person" ("entity_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "access_entity" ("id") DEFERRABLE INITIALLY DEFERRED, "f_name" varchar(64) NOT NULL, "l_name" varchar(64) NOT NULL, "dob" date NULL, "m_name" varchar(100) NULL);
CREATE TABLE IF NOT EXISTS "core_ticketcommentaction" ("ticketcommentbase_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_ticketcommentbase" ("id") DEFERRABLE INITIALLY DEFERRED);
@ -137,6 +137,8 @@ CREATE TABLE IF NOT EXISTS "access_entity_audithistory" ("centurionaudit_ptr_id"
CREATE TABLE IF NOT EXISTS "access_entity_centurionmodelnote" ("centurionmodelnote_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_centurionmodelnote" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_entity" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_person_audithistory" ("centurionaudit_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_audithistory" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_person" ("entity_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_person_centurionmodelnote" ("centurionmodelnote_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_centurionmodelnote" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_person" ("entity_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_company_audithistory" ("centurionaudit_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_audithistory" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_company" ("entity_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "access_company_centurionmodelnote" ("centurionmodelnote_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_centurionmodelnote" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "access_company" ("entity_ptr_id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "accounting_assetbase" ("model_notes" text NULL, "id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "asset_number" varchar(30) NULL UNIQUE, "serial_number" varchar(30) NULL UNIQUE, "asset_type" varchar(30) NOT NULL, "created" datetime NOT NULL, "modified" datetime NOT NULL, "organization_id" integer NOT NULL REFERENCES "access_tenant" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "accounting_assetbase_history" ("modelhistory_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_history" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "accounting_assetbase" ("id") DEFERRABLE INITIALLY DEFERRED);
CREATE TABLE IF NOT EXISTS "accounting_assetbase_notes" ("modelnotes_ptr_id" integer NOT NULL PRIMARY KEY REFERENCES "core_model_notes" ("id") DEFERRABLE INITIALLY DEFERRED, "model_id" integer NOT NULL REFERENCES "accounting_assetbase" ("id") DEFERRABLE INITIALLY DEFERRED);
@ -235,9 +237,9 @@ CREATE TABLE IF NOT EXISTS "social_auth_nonce" ("id" integer NOT NULL PRIMARY KE
CREATE TABLE IF NOT EXISTS "social_auth_usersocialauth" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "provider" varchar(32) NOT NULL, "uid" varchar(255) NOT NULL, "user_id" integer NOT NULL REFERENCES "auth_user" ("id") DEFERRABLE INITIALLY DEFERRED, "created" datetime NOT NULL, "modified" datetime NOT NULL, "extra_data" text NOT NULL CHECK ((JSON_VALID("extra_data") OR "extra_data" IS NULL)));
CREATE TABLE IF NOT EXISTS "social_auth_partial" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "token" varchar(32) NOT NULL, "next_step" smallint unsigned NOT NULL CHECK ("next_step" >= 0), "backend" varchar(32) NOT NULL, "timestamp" datetime NOT NULL, "data" text NOT NULL CHECK ((JSON_VALID("data") OR "data" IS NULL)));
DELETE FROM sqlite_sequence;
INSERT INTO sqlite_sequence VALUES('django_migrations',221);
INSERT INTO sqlite_sequence VALUES('django_content_type',214);
INSERT INTO sqlite_sequence VALUES('auth_permission',901);
INSERT INTO sqlite_sequence VALUES('django_migrations',222);
INSERT INTO sqlite_sequence VALUES('django_content_type',216);
INSERT INTO sqlite_sequence VALUES('auth_permission',909);
INSERT INTO sqlite_sequence VALUES('auth_group',0);
INSERT INTO sqlite_sequence VALUES('auth_user',0);
INSERT INTO sqlite_sequence VALUES('core_notes',0);

59
app/itam/tests/functional/additional_deviceoperatingsystem_permissions_api.py Normal file
View File

@ -0,0 +1,59 @@
import pytest
from django.test import Client
class AdditionalTestCases:
def test_permission_add(self, model_instance, api_request_permissions,
model_kwargs, kwargs_api_create
):
""" Check correct permission for add
Attempt to add as user with permission
"""
client = Client()
client.force_login( api_request_permissions['user']['add'] )
the_model = model_instance( kwargs_create = model_kwargs )
url = the_model.get_url( many = True )
response = client.post(
path = url,
data = kwargs_api_create,
content_type = 'application/json'
)
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 200, response.content
def test_returned_results_only_user_orgs(self):
"""Returned results check
Ensure that a query to the viewset endpoint does not return
items that are not part of the users organizations.
"""
pytest.xfail( reason = 'model is not org based' )
def test_returned_data_from_user_and_global_organizations_only(
self
):
"""Check items returned
Items returned from the query Must be from the users organization and
global ONLY!
"""
pytest.xfail( reason = 'model is not org based' )

4
app/itam/tests/functional/itamasset_base/test_functional_itamasset_base_viewset.py
View File

@ -10,7 +10,9 @@ class ViewSetTestCases(
AssetBaseViewSetInheritedCases
):
add_data: dict = {}
add_data: dict = {
'asset_number': '1354'
}
kwargs_create_item: dict = {}

2
app/itam/viewsets/device.py
View File

@ -18,7 +18,7 @@ from itam.serializers.device import ( # pylint: disable=W0611:unused-import
is found within the database, it will not re-create it. The device will be returned within the message body.
""",
responses = {
200: OpenApiResponse(description='Device allready exists', response=DeviceViewSerializer),
200: OpenApiResponse(description='Device already exists', response=DeviceViewSerializer),
201: OpenApiResponse(description='Device created', response=DeviceViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/device_model.py
View File

@ -17,6 +17,10 @@ from itam.serializers.device_model import ( # pylint: disable=W0611:unused-im
summary = 'Create a device model',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = DeviceModelViewSerializer
),
201: OpenApiResponse(description='Device created', response=DeviceModelViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/device_operating_system.py
View File

@ -27,6 +27,10 @@ from itam.serializers.device_operating_system import ( # pylint: disable=W061
),
],
responses = {
200: OpenApiResponse(
description='Already exists',
response = DeviceOperatingSystemViewSerializer
),
201: OpenApiResponse(description='Device created', response=DeviceOperatingSystemModelSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/device_software.py
View File

@ -26,6 +26,10 @@ from itam.serializers.device_software import ( # pylint: disable=W0611:unused
),
],
responses = {
200: OpenApiResponse(
description='Already exists',
response = DeviceSoftwareViewSerializer
),
201: OpenApiResponse(description='Device created', response=DeviceSoftwareModelSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/device_type.py
View File

@ -17,6 +17,10 @@ from itam.serializers.device_type import ( # pylint: disable=W0611:unused-imp
summary = 'Create a device type',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = DeviceTypeViewSerializer
),
201: OpenApiResponse(description='Device created', response=DeviceTypeViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/software_category.py
View File

@ -16,6 +16,10 @@ from api.viewsets.common import ModelViewSet
summary = 'Create a software category',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = SoftwareCategoryViewSerializer
),
201: OpenApiResponse(description='Software created', response=SoftwareCategoryViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itam/viewsets/software_version.py
View File

@ -26,6 +26,10 @@ from api.viewsets.common import ModelViewSet
),
],
responses = {
200: OpenApiResponse(
description='Already exists',
response = SoftwareVersionViewSerializer
),
201: OpenApiResponse(description='Software created', response=SoftwareVersionViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itim/viewsets/cluster.py
View File

@ -17,6 +17,10 @@ from itim.serializers.cluster import ( # pylint: disable=W0611:unused-import
summary = 'Create a cluster',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ClusterViewSerializer
),
201: OpenApiResponse(description='Device created', response=ClusterViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itim/viewsets/cluster_type.py
View File

@ -17,6 +17,10 @@ from itim.serializers.cluster_type import ( # pylint: disable=W0611:unused-im
summary = 'Create a cluster type',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ClusterTypeViewSerializer
),
201: OpenApiResponse(description='Device created', response=ClusterTypeViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itim/viewsets/port.py
View File

@ -17,6 +17,10 @@ from itim.serializers.port import ( # pylint: disable=W0611:unused-import
summary = 'Create a port',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = PortViewSerializer
),
201: OpenApiResponse(description='Device created', response=PortViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/itim/viewsets/service.py
View File

@ -20,6 +20,10 @@ from itim.serializers.service import ( # pylint: disable=W0611:unused-import
is found within the database, it will not re-create it. The device will be returned within the message body.
""",
responses = {
200: OpenApiResponse(
description='Already exists',
response = ServiceViewSerializer
),
201: OpenApiResponse(description='Device created', response=ServiceViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/project_management/viewsets/project.py
View File

@ -19,6 +19,10 @@ from project_management.serializers.project import ( # pylint: disable=W0611:
summary = 'Create a cluster',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ProjectViewSerializer
),
201: OpenApiResponse(description='Device created', response=ProjectViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/project_management/viewsets/project_milestone.py
View File

@ -24,6 +24,10 @@ from project_management.serializers.project_milestone import ( # pylint: disa
),
],
responses = {
200: OpenApiResponse(
description='Already exists',
response = ProjectMilestoneViewSerializer
),
201: OpenApiResponse(description='Device created', response=ProjectMilestoneViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/project_management/viewsets/project_state.py
View File

@ -17,6 +17,10 @@ from project_management.serializers.project_states import ( # pylint: disable
summary = 'Create a project state',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ProjectStateViewSerializer
),
201: OpenApiResponse(description='Device created', response=ProjectStateViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

4
app/project_management/viewsets/project_type.py
View File

@ -17,6 +17,10 @@ from project_management.serializers.project_type import ( # pylint: disable=W
summary = 'Create a project type',
description='',
responses = {
200: OpenApiResponse(
description='Already exists',
response = ProjectTypeViewSerializer
),
201: OpenApiResponse(description='Device created', response=ProjectTypeViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

136
app/settings/tests/functional/additional_appsettings_permissions_api.py
View File

@ -1,5 +1,7 @@
import pytest
from django.test import Client
class AdditionalTestCases:
@ -23,6 +25,140 @@ class AdditionalTestCases:
]
def test_permission_add(self):
""" Check correct permission for add
Attempt to add as user with permission
"""
pytest.xfail( reason = 'Model does not support adding' )
def test_permission_change(self, model_instance, api_request_permissions):
""" Check correct permission for change
Make change with user who has change permission
"""
client = Client()
client.force_login( api_request_permissions['user']['change'] )
change_item = model_instance(
kwargs_create = {
'organization': api_request_permissions['tenancy']['user']
},
)
response = client.patch(
path = change_item.get_url( many = False ),
data = self.change_data,
content_type = 'application/json'
)
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 403, response.content
def test_permission_change_super_user_only(self, model_instance, api_request_permissions):
""" Check correct permission for change
Make change with user who has change permission
"""
client = Client()
api_request_permissions['user']['change'].is_superuser = True
api_request_permissions['user']['change'].save()
client.force_login( api_request_permissions['user']['change'] )
change_item = model_instance(
kwargs_create = {
'organization': api_request_permissions['tenancy']['user']
},
)
response = client.patch(
path = change_item.get_url( many = False ),
data = self.change_data,
content_type = 'application/json'
)
api_request_permissions['user']['change'].is_superuser = False
api_request_permissions['user']['change'].save()
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 200, response.content
def test_permission_view(self, model_instance, api_request_permissions):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
client.force_login( api_request_permissions['user']['view'] )
view_item = model_instance(
kwargs_create = {
'organization': api_request_permissions['tenancy']['user']
}
)
response = client.get(
path = view_item.get_url( many = False )
)
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 403, response.content
def test_permission_view_super_user_only(self, model_instance, api_request_permissions):
""" Check correct permission for view
Attempt to view as user with view permission
"""
client = Client()
api_request_permissions['user']['view'].is_superuser = True
api_request_permissions['user']['view'].save()
client.force_login( api_request_permissions['user']['view'] )
view_item = model_instance(
kwargs_create = {
'organization': api_request_permissions['tenancy']['user']
}
)
response = client.get(
path = view_item.get_url( many = False )
)
api_request_permissions['user']['view'].is_superuser = False
api_request_permissions['user']['view'].save()
if response.status_code == 405:
pytest.xfail( reason = 'ViewSet does not have this request method.' )
assert response.status_code == 200, response.content
def test_returned_results_only_user_orgs(self):
"""Returned results check

13
app/settings/tests/functional/additional_usersettings_permissions_api.py
View File

@ -8,6 +8,16 @@ class AdditionalTestCases:
def test_permission_add(self):
""" Check correct permission for add
Attempt to add as user with permission
"""
pytest.xfail( reason = 'Model does not support adding' )
def test_permission_change(self, model_instance, api_request_permissions):
""" Check correct permission for change
@ -68,14 +78,13 @@ class AdditionalTestCases:
def test_returned_results_only_user_orgs(self):
"""Returned results check
Ensure that a query to the viewset endpoint does not return
items that are not part of the users organizations.
"""
pytest.xfail( reason = 'model is not org based' )

84
app/settings/tests/functional/app_settings/test_app_settings_viewset.py
View File

@ -193,90 +193,6 @@ class ViewSetBase:
)
class AppSettingsPermissionsAPI(
ViewSetBase,
APIPermissionChange,
APIPermissionView,
TestCase,
):
def test_returned_data_from_user_and_global_organizations_only(self):
"""Check items returned
This test case is a over-ride of a test case with the same name.
This model is not a tenancy model making this test not-applicable.
Items returned from the query Must be from the users organization and
global ONLY!
"""
pass
def test_add_create_not_allowed(self):
""" Check correct permission for add
Not allowed to add.
Ensure that the list view for HTTP/POST does not exist.
"""
with pytest.raises(urls.exceptions.NoReverseMatch) as e:
url = reverse(self.app_namespace + ':' + self.url_name + '-list')
assert e.typename == 'NoReverseMatch'
def test_change_different_organization_denied(self):
""" Ensure permission view cant make change
This test case is N/A as app settings are not a tenancy model
Attempt to make change as user from different organization
"""
pass
def test_delete_has_permission(self):
""" Check correct permission for delete
Delete item as user with delete permission
"""
client = Client()
url = reverse(self.app_namespace + ':' + self.url_name + '-detail', kwargs=self.url_view_kwargs)
client.force_login(self.delete_user)
response = client.delete(url, data=self.delete_data)
assert response.status_code == 405
def test_returned_results_only_user_orgs(self):
"""Test not required
this test is not required as this model is not a tenancy model
"""
pass
def test_view_different_organizaiton_denied(self):
""" Check correct permission for view
This test case is N/A as app settings are not a tenancy model
Attempt to view with user from different organization
"""
pass
class AppSettingsViewSet(
ViewSetBase,
SerializerChange,

127
app/settings/tests/functional/user_settings/test_user_settings_viewset.py
View File

@ -198,133 +198,6 @@ class ViewSetBase:
# class UserSettingsPermissionsAPI(
# ViewSetBase,
# APIPermissionChange,
# APIPermissionView,
# TestCase,
# ):
# def test_returned_data_from_user_and_global_organizations_only(self):
# """Check items returned
# This test case is a over-ride of a test case with the same name.
# This model is not a tenancy model making this test not-applicable.
# Items returned from the query Must be from the users organization and
# global ONLY!
# """
# pass
# # def test_add_create_not_allowed(self):
# # """ Check correct permission for add
# # Not allowed to add.
# # Ensure that the list view for HTTP/POST does not exist.
# # """
# # with pytest.raises(urls.exceptions.NoReverseMatch) as e:
# # url = reverse(self.app_namespace + ':' + self.url_name + '-list')
# # assert e.typename == 'NoReverseMatch'
# def test_delete_has_permission(self):
# """ Check correct permission for delete
# Delete item as user with delete permission
# """
# client = Client()
# url = reverse(self.app_namespace + ':' + self.url_name + '-detail', kwargs=self.url_view_kwargs)
# client.force_login(self.view_user)
# response = client.delete(url, data=self.delete_data)
# assert response.status_code == 405
# def test_change_has_permission(self):
# """ Check correct permission for change
# Make change with user who has change permission
# """
# item = self.model.objects.get( id = self.change_user.id )
# item.default_organization = self.organization
# item.save()
# client = Client()
# url = reverse(self.app_namespace + ':' + self.url_name + '-detail', kwargs={'pk': item.id})
# client.force_login(self.change_user)
# response = client.patch(url, data={'different_organization': self.different_organization.id}, content_type='application/json')
# assert response.status_code == 200
# def test_change_permission_view_denied(self):
# """ Ensure permission view cant make change
# This test case is a duplicate of a test case with the same name.
# As this is the users own settings, any permission a user has will grant
# them access as user settings do not use permissions
# Attempt to make change as user with view permission
# """
# pass
# def test_returned_results_only_user_orgs(self):
# """Test not required
# this test is not required as this model is not a tenancy model
# """
# pass
# def test_change_no_permission_denied(self):
# """ Ensure permission view cant make change
# This test case is a duplicate of a test case with the same name.
# This test is not required for this model as there are no permissions
# assosiated with accessing this model.
# Attempt to make change as user without permissions
# """
# pass
# def test_view_no_permission_denied(self):
# """ Check correct permission for view
# This test case is a duplicate of a test case with the same name.
# This test is not required for this model as there are no permissions
# assosiated with accessing this model.
# Attempt to view with user missing permission
# """
# pass
class UserSettingsViewSet(
ViewSetBase,
SerializerChange,

4
app/settings/viewsets/external_link.py
View File

@ -20,6 +20,10 @@ from settings.serializers.external_links import ( # pylint: disable=W0611:unu
is found within the database, it will not re-create it. The device will be returned within the message body.
""",
responses = {
200: OpenApiResponse(
description='Already exists',
response = ExternalLinkViewSerializer
),
201: OpenApiResponse(description='Device created', response=ExternalLinkViewSerializer),
400: OpenApiResponse(description='Validation failed.'),
403: OpenApiResponse(description='User is missing create permissions'),

17
app/tests/fixtures/kwargs_api_create.py vendored
View File

@ -20,8 +20,21 @@ def kwargs_api_create(django_db_blocker, model_kwargs):
if isinstance(value, models.Model):
value = value.id
elif isinstance(value, dict):
value = json.dumps(value)
elif isinstance(value, list):
value_list = []
for list_value in value:
if isinstance(list_value, models.Model):
value_list += [ list_value.id ]
else:
value_list += [ list_value ]
value = value_list
kwargs.update({
field: value

2
app/tests/fixtures/model_knowledgebase.py vendored
View File

@ -44,7 +44,7 @@ def kwargs_knowledgebase(django_db_blocker,
'category': category,
'release_date': '2024-06-04T00:00:01Z',
'expiry_date': '2024-06-04T00:00:02Z',
'target_team': team,
'target_team': [ team ],
# 'target_user': ,
'responsible_user': user,
# 'responsible_teams': '',

18
app/tests/fixtures/model_kwarg_data.py vendored
View File

@ -26,10 +26,28 @@ def model_kwarg_data():
if isinstance(getattr(model, field).field, models.ManyToManyField):
if isinstance(value, list):
value_list = []
for list_value in value:
if isinstance(list_value, models.Model):
value_list += [ list_value.id ]
value = value_list
if field in many_field:
many_field[field] += [ value ]
elif isinstance(value, list):
many_field.update({
field: value
})
else:
many_field.update({

7
app/tests/fixtures/model_service.py vendored
View File

@ -38,13 +38,16 @@ def kwargs_service(django_db_blocker,
'name': 'service_' + random_str,
'device': device,
'config_key_variable': 'svc',
'port': port,
'port': [ port ],
}
yield kwargs.copy()
with django_db_blocker.unblock():
device.delete()
try:
device.delete()
except:
pass
port.delete()