0001-misc-remove-private-status-history-option-33155.patch
tests/test_admin_pages.py | ||
---|---|---|
270 | 270 |
assert_option_display(resp, 'Confirmation Page', 'Disabled') |
271 | 271 |
assert FormDef.get(1).confirmation == False |
272 | 272 | |
273 |
# history and status |
|
274 |
assert_option_display(resp, 'History and Status', 'Public') |
|
275 |
resp = resp.click('History and Status') |
|
276 |
assert resp.forms[0]['private_status_and_history'].checked is False |
|
277 |
resp.forms[0]['private_status_and_history'].checked = True |
|
278 |
resp = resp.forms[0].submit() |
|
279 |
assert resp.location == 'http://example.net/backoffice/forms/1/' |
|
280 |
resp = resp.follow() |
|
281 |
assert_option_display(resp, 'History and Status', 'Private') |
|
282 |
assert FormDef.get(1).private_status_and_history is True |
|
283 | ||
284 | 273 |
# Limit to one form |
285 | 274 |
assert_option_display(resp, 'Limit to one form', 'Disabled') |
286 | 275 |
resp = resp.click('Limit to one form') |
tests/test_api.py | ||
---|---|---|
534 | 534 |
'workflow', 'expiration_date', 'discussion', |
535 | 535 |
'last_modification_time', 'has_captcha', |
536 | 536 |
'always_advertise', 'name', 'disabled', 'only_allow_one', |
537 |
'private_status_and_history', 'fields', 'keywords',
|
|
537 |
'fields', 'keywords', |
|
538 | 538 |
'publication_date', 'detailed_emails', |
539 | 539 |
'disabled_redirection']) |
540 | 540 |
assert resp.json['name'] == 'test' |
tests/test_backoffice_pages.py | ||
---|---|---|
4288 | 4288 |
resp = resp2.click('Failed to evaluate condition') |
4289 | 4289 |
assert not 'href="http://example.net/backoffice/management/test/' in resp.body |
4290 | 4290 | |
4291 |
def test_backoffice_private_status_and_history(pub): |
|
4292 |
create_user(pub) |
|
4293 |
create_environment(pub) |
|
4294 |
formdef = FormDef.get_by_urlname('form-title') |
|
4295 |
formdef.private_status_and_history = True |
|
4296 |
formdef.store() |
|
4297 |
form_class = FormDef.get_by_urlname('form-title').data_class() |
|
4298 |
number31 = [x for x in form_class.select() if x.data['1'] == 'FOO BAR 30'][0] |
|
4299 |
app = login(get_app(pub)) |
|
4300 |
resp = app.get('/backoffice/management/form-title/') |
|
4301 |
assert re.findall('<tbody.*\/tbody>', resp.body, re.DOTALL)[0].count('<tr') == 17 |
|
4302 | ||
4303 |
# click on a formdata |
|
4304 |
resp = resp.click(href='%s/' % number31.id) |
|
4305 |
assert (' with the number %s.' % number31.get_display_id()) in resp.body |
|
4306 |
resp.forms[0]['comment'] = 'HELLO WORLD' |
|
4307 |
resp = resp.forms[0].submit('button_accept') |
|
4308 |
resp = resp.follow() |
|
4309 |
assert FormDef.get_by_urlname('form-title').data_class().get(number31.id).status == 'wf-accepted' |
|
4310 |
assert 'HELLO WORLD' in resp.body |
|
4311 | ||
4312 |
assert 'id="evolution-log"' in resp.body |
|
4313 | ||
4314 |
def test_backoffice_private_status_and_history_with_assigned_function(pub): |
|
4315 |
create_user(pub) |
|
4316 |
create_environment(pub, set_receiver=False) |
|
4317 | ||
4318 |
formdef = FormDef.get_by_urlname('form-title') |
|
4319 |
formdef.private_status_and_history = True |
|
4320 |
formdef.store() |
|
4321 | ||
4322 |
form_class = FormDef.get_by_urlname('form-title').data_class() |
|
4323 |
number31 = [x for x in form_class.select() if x.data['1'] == 'FOO BAR 30'][0] |
|
4324 | ||
4325 |
app = login(get_app(pub)) |
|
4326 |
resp = app.get('/backoffice/management/form-title/', status=403) |
|
4327 | ||
4328 |
# fake function assignment |
|
4329 |
number31.workflow_roles = {'_receiver': '1'} |
|
4330 |
number31.store() |
|
4331 |
resp = app.get('/backoffice/management/form-title/', status=200) |
|
4332 |
assert re.findall('<tbody.*\/tbody>', resp.body, re.DOTALL)[0].count('<tr') == 1 |
|
4333 | ||
4334 |
# click on a formdata |
|
4335 |
resp = resp.click(href='%s/' % number31.id) |
|
4336 |
assert (' with the number %s.' % number31.get_display_id()) in resp.body |
|
4337 | ||
4338 |
# history is visible |
|
4339 |
assert 'id="evolution-log"' in resp.body |
|
4340 |
resp.forms[0]['comment'] = 'HELLO WORLD' |
|
4341 |
resp = resp.forms[0].submit('button_accept') |
|
4342 |
resp = resp.follow() |
|
4343 |
assert FormDef.get_by_urlname('form-title').data_class().get(number31.id).status == 'wf-accepted' |
|
4344 | ||
4345 |
# history is still visible |
|
4346 |
assert 'HELLO WORLD' in resp.body |
|
4347 |
assert 'id="evolution-log"' in resp.body |
|
4348 | ||
4349 | 4291 |
def test_backoffice_formdata_named_wscall(http_requests, pub): |
4350 | 4292 |
user = create_user(pub) |
4351 | 4293 |
create_environment(pub) |
tests/test_formdata.py | ||
---|---|---|
476 | 476 |
substvars = formdata.get_substitution_variables() |
477 | 477 |
assert substvars.get('form_var_backoffice_blah') == 'test' |
478 | 478 | |
479 |
def test_private_history(pub, local_user): |
|
480 |
formdef.data_class().wipe() |
|
481 |
formdef.private_status_and_history = True |
|
482 |
formdef.store() |
|
483 |
formdata = formdef.data_class()() |
|
484 |
formdata.store() |
|
485 | ||
486 |
assert formdef.is_user_allowed_read_status_and_history(None, formdata=formdata) is False |
|
487 | ||
488 |
assert formdef.is_user_allowed_read_status_and_history(local_user, formdata=formdata) is False |
|
489 |
local_user.is_admin = True |
|
490 |
assert formdef.is_user_allowed_read_status_and_history(local_user, formdata=formdata) is True |
|
491 |
local_user.is_admin = False |
|
492 | ||
493 |
role = Role(name='foobar') |
|
494 |
role.store() |
|
495 | ||
496 |
formdef.workflow_roles['_receiver'] = role.id |
|
497 |
assert formdef.is_user_allowed_read_status_and_history(local_user, formdata=formdata) is False |
|
498 | ||
499 |
local_user.roles = [role.id] |
|
500 |
assert formdef.is_user_allowed_read_status_and_history(local_user, formdata=formdata) is True |
|
501 | ||
502 | 479 |
def test_workflow_data_file_url(pub): |
503 | 480 |
upload = Upload('test.txt', 'text/plain', 'ascii') |
504 | 481 |
upload.receive(['first line', 'second line']) |
wcs/admin/forms.py | ||
---|---|---|
98 | 98 | |
99 | 99 |
for f in ('name', 'confirmation', |
100 | 100 |
'only_allow_one', 'category_id', 'disabled', |
101 |
'enable_tracking_codes', 'workflow_id', 'private_status_and_history',
|
|
101 |
'enable_tracking_codes', 'workflow_id', |
|
102 | 102 |
'disabled_redirection', 'always_advertise', |
103 | 103 |
'publication_date', 'expiration_date'): |
104 | 104 |
widget = form.get_widget(f) |
... | ... | |
142 | 142 | |
143 | 143 | |
144 | 144 |
class OptionsDirectory(Directory): |
145 |
_q_exports = ['confirmation', 'private_status', 'only_allow_one',
|
|
145 |
_q_exports = ['confirmation', 'only_allow_one', |
|
146 | 146 |
'always_advertise', 'tracking_code', 'online_status', 'captcha', |
147 | 147 |
'description', 'keywords', 'category', ('360_view', 'p_360_view'), |
148 | 148 |
'geolocations', 'appearance', 'templates'] |
... | ... | |
157 | 157 |
value=self.formdef.confirmation) |
158 | 158 |
return self.handle(form, _('Confirmation Page')) |
159 | 159 | |
160 |
def private_status(self): |
|
161 |
form = Form(enctype='multipart/form-data') |
|
162 |
form.add(CheckboxWidget, 'private_status_and_history', |
|
163 |
title=_('Keep workflow status and history private'), |
|
164 |
hint=_('Restrict the possibility to see status and history to the recipients'), |
|
165 |
value=self.formdef.private_status_and_history) |
|
166 |
return self.handle(form, _('History and Status')) |
|
167 | ||
168 | 160 |
def only_allow_one(self): |
169 | 161 |
form = Form(enctype='multipart/form-data') |
170 | 162 |
form.add(CheckboxWidget, 'only_allow_one', |
... | ... | |
278 | 270 | |
279 | 271 |
if form.is_submitted() and not form.has_errors(): |
280 | 272 |
attrs = ['confirmation', 'only_allow_one', 'disabled', |
281 |
'enable_tracking_codes', 'private_status_and_history',
|
|
273 |
'enable_tracking_codes', |
|
282 | 274 |
'always_advertise', 'disabled_redirection', |
283 | 275 |
'publication_date', 'expiration_date', 'has_captcha', |
284 | 276 |
'description', 'keywords', 'category_id', |
... | ... | |
502 | 494 |
self.formdef.confirmation and |
503 | 495 |
C_('confirmation page|Enabled') or C_('confirmation page|Disabled')) |
504 | 496 | |
505 |
r += add_option_line('options/private_status', |
|
506 |
_('History and Status'), |
|
507 |
self.formdef.private_status_and_history and |
|
508 |
C_('history and status|Private') or C_('history and status|Public')) |
|
509 | ||
510 | 497 |
r += add_option_line('options/only_allow_one', |
511 | 498 |
_('Limit to one form'), |
512 | 499 |
self.formdef.only_allow_one and |
wcs/formdef.py | ||
---|---|---|
97 | 97 |
expiration_date = None |
98 | 98 |
has_captcha = False |
99 | 99 |
skip_from_360_view = False |
100 |
private_status_and_history = False |
|
101 | 100 |
appearance_keywords = None |
102 | 101 |
digest_template = None |
103 | 102 | |
... | ... | |
118 | 117 |
'digest_template'] |
119 | 118 |
BOOLEAN_ATTRIBUTES = ['discussion', 'detailed_emails', 'disabled', |
120 | 119 |
'only_allow_one', 'enable_tracking_codes', 'confirmation', |
121 |
'always_advertise', 'private_status_and_history',
|
|
120 |
'always_advertise', |
|
122 | 121 |
'has_captcha', 'skip_from_360_view'] |
123 | 122 | |
124 | 123 |
def __init__(self, *args, **kwargs): |
... | ... | |
1314 | 1313 |
form_roles = [x for x in self.workflow_roles.values() if x] |
1315 | 1314 |
if formdata and formdata.workflow_roles: |
1316 | 1315 |
form_roles.extend([x for x in formdata.workflow_roles.values() if x]) |
1317 |
if user and self.private_status_and_history and not user_roles.intersection(form_roles): |
|
1318 |
return False |
|
1319 | 1316 |
return self.is_user_allowed_read(user, formdata=formdata) |
1320 | 1317 | |
1321 | 1318 |
def is_disabled(self): |
wcs/forms/root.py | ||
---|---|---|
1537 | 1537 |
# XXX: seperate endpoints from non-endpoints |
1538 | 1538 |
for status in workflow.possible_status: |
1539 | 1539 |
fms = [x for x in user_forms if \ |
1540 |
not x.formdef.private_status_and_history and \ |
|
1541 | 1540 |
x.formdef.workflow.id == workflow.id and \ |
1542 | 1541 |
(x.get_visible_status() == status)] |
1543 | 1542 |
if not fms: |
1544 |
- |