from __future__ import unicode_literals import datetime from django.utils.timezone import now from common.literals import TIME_DELTA_UNIT_DAYS from documents.tests.test_views import GenericDocumentViewTestCase from sources.links import link_upload_version from user_management.tests import ( TEST_USER_PASSWORD, TEST_USER_USERNAME, TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME, ) from ..models import DocumentCheckout from ..permissions import ( permission_document_checkin, permission_document_checkin_override, permission_document_checkout, permission_document_checkout_detail_view ) class DocumentCheckoutViewTestCase(GenericDocumentViewTestCase): def test_checkin_document_view_no_permission(self): self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) expiration_datetime = now() + datetime.timedelta(days=1) DocumentCheckout.on_organization.checkout_document( document=self.document, expiration_datetime=expiration_datetime, user=self.user, block_new_version=True ) self.assertTrue(self.document.is_checked_out()) response = self.post( 'checkouts:checkin_document', args=(self.document.pk,), follow=True ) self.assertEquals(response.status_code, 403) self.assertTrue(self.document.is_checked_out()) def test_checkin_document_view_with_permission(self): self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) expiration_datetime = now() + datetime.timedelta(days=1) DocumentCheckout.on_organization.checkout_document( document=self.document, expiration_datetime=expiration_datetime, user=self.user, block_new_version=True ) self.assertTrue(self.document.is_checked_out()) self.role.permissions.add( permission_document_checkin.stored_permission ) self.role.permissions.add( permission_document_checkout_detail_view.stored_permission ) response = self.post( 'checkouts:checkin_document', args=(self.document.pk,), follow=True ) self.assertEquals(response.status_code, 200) self.assertFalse(self.document.is_checked_out()) self.assertFalse( DocumentCheckout.on_organization.is_document_checked_out( document=self.document ) ) def test_checkout_document_view_no_permission(self): self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) response = self.post( 'checkouts:checkout_document', args=(self.document.pk,), data={ 'expiration_datetime_0': 2, 'expiration_datetime_1': TIME_DELTA_UNIT_DAYS, 'block_new_version': True }, follow=True ) self.assertEquals(response.status_code, 403) self.assertFalse(self.document.is_checked_out()) def test_checkout_document_view_with_permission(self): self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) self.role.permissions.add( permission_document_checkout.stored_permission ) self.role.permissions.add( permission_document_checkout_detail_view.stored_permission ) response = self.post( 'checkouts:checkout_document', args=(self.document.pk,), data={ 'expiration_datetime_0': 2, 'expiration_datetime_1': TIME_DELTA_UNIT_DAYS, 'block_new_version': True }, follow=True ) self.assertEquals(response.status_code, 200) self.assertTrue(self.document.is_checked_out()) def test_document_new_version_after_checkout(self): """ Gitlab issue #231 User shown option to upload new version of a document even though it is blocked by checkout - v2.0.0b2 Expected results: - Link to upload version view should not resolve - Upload version view should reject request """ self.login( username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD ) expiration_datetime = now() + datetime.timedelta(days=1) DocumentCheckout.on_organization.checkout_document( document=self.document, expiration_datetime=expiration_datetime, user=self.admin_user, block_new_version=True ) self.assertTrue(self.document.is_checked_out()) response = self.post( 'sources:upload_version', args=(self.document.pk,), follow=True ) self.assertContains( response, text='blocked from uploading', status_code=200 ) response = self.get( 'documents:document_version_list', args=(self.document.pk,), follow=True ) # Needed by the url view resolver response.context.current_app = None resolved_link = link_upload_version.resolve(context=response.context) self.assertEqual(resolved_link, None) def test_forcefull_check_in_document_view_no_permission(self): # Gitlab issue #237 # Forcefully checking in a document by a user without adequate # permissions throws out an error expiration_datetime = now() + datetime.timedelta(days=1) DocumentCheckout.on_organization.checkout_document( document=self.document, expiration_datetime=expiration_datetime, user=self.admin_user, block_new_version=True ) self.assertTrue(self.document.is_checked_out()) self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) self.role.permissions.add( permission_document_checkin.stored_permission ) self.role.permissions.add( permission_document_checkout.stored_permission ) response = self.post( 'checkouts:checkin_document', args=(self.document.pk,), follow=True ) self.assertContains( response, text='Insufficient permissions', status_code=403 ) self.assertTrue(self.document.is_checked_out()) def test_forcefull_check_in_document_view_with_permission(self): expiration_datetime = now() + datetime.timedelta(days=1) DocumentCheckout.on_organization.checkout_document( document=self.document, expiration_datetime=expiration_datetime, user=self.admin_user, block_new_version=True ) self.assertTrue(self.document.is_checked_out()) self.login( username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) self.role.permissions.add( permission_document_checkin.stored_permission ) self.role.permissions.add( permission_document_checkin.stored_permission ) self.role.permissions.add( permission_document_checkin_override.stored_permission ) self.role.permissions.add( permission_document_checkout_detail_view.stored_permission ) response = self.post( 'checkouts:checkin_document', args=(self.document.pk,), follow=True ) self.assertContains( response, text='hecked in successfully', status_code=200 ) self.assertFalse(self.document.is_checked_out())