54 |
54 |
user = get_publisher().user_class()
|
55 |
55 |
user.name = 'Jean Darmette'
|
56 |
56 |
user.email = 'jean.darmette@triffouilis.fr'
|
|
57 |
user.name_identifiers = ['0123456789']
|
57 |
58 |
user.store()
|
58 |
59 |
return user
|
59 |
60 |
|
... | ... | |
264 |
265 |
assert resp1.json[0]['functions']['_receiver']['role']['slug'] == role.slug
|
265 |
266 |
assert resp1.json[0]['functions']['_receiver']['role']['name'] == role.name
|
266 |
267 |
|
|
268 |
def test_limited_formdef_list(pub, local_user):
|
|
269 |
Role.wipe()
|
|
270 |
role = Role(name='Foo bar')
|
|
271 |
role.id = '14'
|
|
272 |
role.store()
|
|
273 |
|
|
274 |
FormDef.wipe()
|
|
275 |
formdef = FormDef()
|
|
276 |
formdef.name = 'test'
|
|
277 |
formdef.description = 'plop'
|
|
278 |
formdef.workflow_roles = {'_receiver': str(role.id)}
|
|
279 |
formdef.fields = []
|
|
280 |
formdef.store()
|
|
281 |
|
|
282 |
resp = get_app(pub).get('/api/formdefs/')
|
|
283 |
assert len(resp.json) == 1
|
|
284 |
|
|
285 |
# check it's not advertised
|
|
286 |
formdef.roles = [role.id]
|
|
287 |
formdef.store()
|
|
288 |
resp = get_app(pub).get('/api/formdefs/')
|
|
289 |
resp2 = get_app(pub).get(sign_uri('/api/formdefs/?NameID='))
|
|
290 |
resp3 = get_app(pub).get(sign_uri('/api/formdefs/?NameID=XXX'))
|
|
291 |
resp4 = get_app(pub).get(sign_uri('/api/formdefs/?NameID=%s' % local_user.name_identifiers[0]))
|
|
292 |
assert len(resp.json) == 0
|
|
293 |
assert resp.json == resp2.json == resp3.json == resp4.json
|
|
294 |
|
|
295 |
# unless user has correct roles
|
|
296 |
local_user.roles = [role.id]
|
|
297 |
local_user.store()
|
|
298 |
resp = get_app(pub).get(sign_uri('/api/formdefs/?NameID=%s' % local_user.name_identifiers[0]))
|
|
299 |
assert len(resp.json) == 1
|
|
300 |
|
|
301 |
local_user.roles = []
|
|
302 |
local_user.store()
|
|
303 |
|
|
304 |
# check it's advertised
|
|
305 |
formdef.always_advertise = True
|
|
306 |
formdef.store()
|
|
307 |
resp = get_app(pub).get('/api/formdefs/')
|
|
308 |
resp2 = get_app(pub).get(sign_uri('/api/formdefs/?NameID='))
|
|
309 |
resp3 = get_app(pub).get(sign_uri('/api/formdefs/?NameID=XXX'))
|
|
310 |
resp4 = get_app(pub).get(sign_uri('/api/formdefs/?NameID=%s' % local_user.name_identifiers[0]))
|
|
311 |
assert len(resp.json) == 1
|
|
312 |
assert resp.json[0]['authentication_required']
|
|
313 |
assert resp.json == resp2.json == resp3.json == resp4.json
|
|
314 |
|
267 |
315 |
def test_formdef_list_redirection(pub):
|
268 |
316 |
FormDef.wipe()
|
269 |
317 |
formdef = FormDef()
|