0167ff24b8
Add list, create, detail and edit API views for detached and embedded signatures. Signed-off-by: Roberto Rosario <roberto.rosario@mayan-edms.com>
342 lines
12 KiB
Python
342 lines
12 KiB
Python
from __future__ import unicode_literals
|
|
|
|
from rest_framework import status
|
|
|
|
from mayan.apps.django_gpg.permissions import permission_key_sign
|
|
from mayan.apps.django_gpg.tests.mixins import KeyTestMixin
|
|
from mayan.apps.documents.tests.mixins import DocumentTestMixin
|
|
from mayan.apps.rest_api.tests.base import BaseAPITestCase
|
|
|
|
from ..permissions import (
|
|
permission_document_version_sign_detached,
|
|
permission_document_version_sign_embedded,
|
|
permission_document_version_signature_delete,
|
|
permission_document_version_signature_view
|
|
)
|
|
|
|
from .literals import TEST_KEY_PUBLIC_ID, TEST_SIGNED_DOCUMENT_PATH
|
|
from .mixins import (
|
|
DetachedSignatureAPIViewTestMixin, EmbeddedSignatureAPIViewTestMixin,
|
|
SignatureTestMixin
|
|
)
|
|
|
|
|
|
class DetachedSignatureDocumentAPIViewTestCase(
|
|
DocumentTestMixin, DetachedSignatureAPIViewTestMixin,
|
|
KeyTestMixin, SignatureTestMixin, BaseAPITestCase
|
|
):
|
|
auto_upload_document = False
|
|
|
|
def test_document_signature_detached_delete_no_permission(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
response = self._request_test_document_signature_detached_delete_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_detached_delete_with_access(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_delete
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_delete_view()
|
|
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures - 1
|
|
)
|
|
|
|
def test_document_signature_detached_detail_no_permission(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
response = self._request_test_document_signature_detached_detail_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
def test_document_signature_detached_detail_with_access(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_view
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_detail_view()
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
self.assertEqual(
|
|
response.data['key_id'], TEST_KEY_PUBLIC_ID
|
|
)
|
|
|
|
def test_document_signature_detached_create_view_no_permission(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
response = self._request_test_document_signature_detached_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_detached_create_view_with_document_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_sign_detached
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_detached_create_view_with_key_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_key_private,
|
|
permission=permission_key_sign
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_detached_create_view_with_full_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_sign_detached
|
|
)
|
|
self.grant_access(
|
|
obj=self.test_key_private,
|
|
permission=permission_key_sign
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures + 1
|
|
)
|
|
|
|
def test_document_signature_detached_list_view_no_permission(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
response = self._request_test_document_signature_detached_list_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
def test_document_signature_detached_list_view_with_access(self):
|
|
self.upload_document()
|
|
self._create_test_detached_signature()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_view
|
|
)
|
|
|
|
response = self._request_test_document_signature_detached_list_view()
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
self.assertEqual(
|
|
response.data['results'][0]['key_id'], TEST_KEY_PUBLIC_ID
|
|
)
|
|
|
|
|
|
class EmbeddedSignatureDocumentAPIViewTestCase(
|
|
DocumentTestMixin, EmbeddedSignatureAPIViewTestMixin,
|
|
KeyTestMixin, BaseAPITestCase
|
|
):
|
|
auto_upload_document = False
|
|
|
|
def test_document_signature_embedded_delete_no_permission(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
response = self._request_test_document_signature_embedded_delete_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_embedded_delete_with_access(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_delete
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_delete_view()
|
|
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures - 1
|
|
)
|
|
|
|
def test_document_signature_embedded_detail_no_permission(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
response = self._request_test_document_signature_embedded_detail_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
def test_document_signature_embedded_detail_with_access(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_view
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_detail_view()
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
|
|
self.assertEqual(
|
|
response.data['key_id'], TEST_KEY_PUBLIC_ID
|
|
)
|
|
|
|
def test_document_signature_embedded_create_view_no_permission(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
response = self._request_test_document_signature_embedded_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_embedded_create_view_with_document_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_sign_embedded
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_embedded_create_view_with_key_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_key_private,
|
|
permission=permission_key_sign
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures
|
|
)
|
|
|
|
def test_document_signature_embedded_create_view_with_full_access(self):
|
|
self.upload_document()
|
|
self._create_test_key_private()
|
|
|
|
signatures = self.test_document.latest_version.signatures.count()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_sign_embedded
|
|
)
|
|
self.grant_access(
|
|
obj=self.test_key_private,
|
|
permission=permission_key_sign
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_create_view()
|
|
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
|
|
|
self.assertEqual(
|
|
self.test_document.latest_version.signatures.count(),
|
|
signatures + 1
|
|
)
|
|
|
|
def test_document_signature_embedded_list_view_no_permission(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
response = self._request_test_document_signature_embedded_list_view()
|
|
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
|
|
|
|
def test_document_signature_embedded_list_view_with_access(self):
|
|
self.test_document_path = TEST_SIGNED_DOCUMENT_PATH
|
|
self.upload_document()
|
|
|
|
self.grant_access(
|
|
obj=self.test_document,
|
|
permission=permission_document_version_signature_view
|
|
)
|
|
|
|
response = self._request_test_document_signature_embedded_list_view()
|
|
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
|
self.assertEqual(
|
|
response.data['results'][0]['key_id'], TEST_KEY_PUBLIC_ID
|
|
)
|