Coverage for cc_modules/tests/cc_user_tests.py: 17%

505 statements  

« prev     ^ index     » next       coverage.py v6.5.0, created at 2022-11-08 23:14 +0000

1#!/usr/bin/env python 

2 

3""" 

4camcops_server/cc_modules/tests/cc_user_tests.py 

5 

6=============================================================================== 

7 

8 Copyright (C) 2012, University of Cambridge, Department of Psychiatry. 

9 Created by Rudolf Cardinal (rnc1001@cam.ac.uk). 

10 

11 This file is part of CamCOPS. 

12 

13 CamCOPS is free software: you can redistribute it and/or modify 

14 it under the terms of the GNU General Public License as published by 

15 the Free Software Foundation, either version 3 of the License, or 

16 (at your option) any later version. 

17 

18 CamCOPS is distributed in the hope that it will be useful, 

19 but WITHOUT ANY WARRANTY; without even the implied warranty of 

20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 

21 GNU General Public License for more details. 

22 

23 You should have received a copy of the GNU General Public License 

24 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>. 

25 

26=============================================================================== 

27 

28""" 

29 

30from pendulum import DateTime as Pendulum 

31import phonenumbers 

32 

33from camcops_server.cc_modules.cc_constants import ( 

34 OBSCURE_EMAIL_ASTERISKS, 

35 OBSCURE_PHONE_ASTERISKS, 

36) 

37from camcops_server.cc_modules.cc_group import Group 

38from camcops_server.cc_modules.cc_unittest import ( 

39 BasicDatabaseTestCase, 

40 DemoDatabaseTestCase, 

41) 

42from camcops_server.cc_modules.cc_user import ( 

43 SecurityAccountLockout, 

44 SecurityLoginFailure, 

45 User, 

46) 

47 

48 

49# ============================================================================= 

50# Unit testing 

51# ============================================================================= 

52 

53 

54class UserTests(DemoDatabaseTestCase): 

55 """ 

56 Unit tests. 

57 """ 

58 

59 def test_user(self) -> None: 

60 self.announce("test_user") 

61 req = self.req 

62 

63 SecurityAccountLockout.delete_old_account_lockouts(req) 

64 self.assertIsInstance( 

65 SecurityAccountLockout.is_user_locked_out(req, "dummy_user"), bool 

66 ) 

67 self.assertIsInstanceOrNone( 

68 SecurityAccountLockout.user_locked_out_until(req, "dummy_user"), 

69 Pendulum, 

70 ) 

71 

72 self.assertIsInstance( 

73 SecurityLoginFailure.how_many_login_failures(req, "dummy_user"), 

74 int, 

75 ) 

76 SecurityLoginFailure.clear_login_failures_for_nonexistent_users(req) 

77 SecurityLoginFailure.clear_dummy_login_failures_if_necessary(req) 

78 SecurityLoginFailure.clear_dummy_login_failures_if_necessary(req) 

79 # ... do it twice (we had a bug relating to offset-aware vs 

80 # offset-naive date/time objects). 

81 

82 self.assertIsInstance(User.is_username_permissible("some_user"), bool) 

83 User.take_some_time_mimicking_password_encryption() 

84 

85 u = self.dbsession.query(User).first() # type: User 

86 assert u, "Missing user in demo database!" 

87 

88 g = self.dbsession.query(Group).first() # type: Group 

89 assert g, "Missing group in demo database!" 

90 

91 self.assertIsInstance(u.is_password_correct("dummy_password"), bool) 

92 self.assertIsInstance(u.must_agree_terms, bool) 

93 u.agree_terms(req) 

94 u.clear_login_failures(req) 

95 self.assertIsInstance(u.is_locked_out(req), bool) 

96 self.assertIsInstanceOrNone(u.locked_out_until(req), Pendulum) 

97 u.enable(req) 

98 self.assertIsInstance(u.may_login_as_tablet, bool) 

99 # TODO: cc_user.UserTests: could do more here 

100 self.assertIsInstance(u.authorized_as_groupadmin, bool) 

101 self.assertIsInstance(u.may_use_webviewer, bool) 

102 self.assertIsInstance(u.authorized_to_add_special_note(g.id), bool) 

103 self.assertIsInstance(u.authorized_to_erase_tasks(g.id), bool) 

104 self.assertIsInstance(u.authorized_to_dump, bool) 

105 self.assertIsInstance(u.authorized_for_reports, bool) 

106 self.assertIsInstance(u.may_view_all_patients_when_unfiltered, bool) 

107 self.assertIsInstance(u.may_view_no_patients_when_unfiltered, bool) 

108 self.assertIsInstance(u.may_upload_to_group(g.id), bool) 

109 self.assertIsInstance(u.may_upload, bool) 

110 self.assertIsInstance(u.may_register_devices, bool) 

111 

112 def test_partial_email(self) -> None: 

113 # https://en.wikipedia.org/wiki/Email_address 

114 a = OBSCURE_EMAIL_ASTERISKS 

115 tests = ( 

116 ("simple@example.com", f"s{a}e@example.com"), 

117 ("very.common@example.com", f"v{a}n@example.com"), 

118 ( 

119 "disposable.style.email.with+symbol@example.com", 

120 f"d{a}l@example.com", 

121 ), 

122 ("other.email-with-hyphen@example.com", f"o{a}n@example.com"), 

123 ("x@example.com", f"x{a}x@example.com"), 

124 ( 

125 "example-indeed@strange-example.com", 

126 f"e{a}d@strange-example.com", 

127 ), 

128 ("test/test@test.com", f"t{a}t@test.com"), 

129 ("admin@mailserver1", f"a{a}n@mailserver1"), 

130 ("example@s.example", f"e{a}e@s.example"), 

131 ('" "@example.org', f'"{a}"@example.org'), 

132 ('"john..doe"@example.org', f'"{a}"@example.org'), 

133 ("mailhost!username@example.org", f"m{a}e@example.org"), 

134 ("user%example.com@example.org", f"u{a}m@example.org"), 

135 ("user-@example.org", f"u{a}-@example.org"), 

136 ("very.unusual.”@”.unusual.com@example.com", f"v{a}m@example.com"), 

137 ) 

138 

139 user = self.create_user() 

140 

141 for email, expected_partial in tests: 

142 user.email = email 

143 self.assertEqual( 

144 user.partial_email, expected_partial, msg=f"Failed for {email}" 

145 ) 

146 

147 def test_partial_phone_number(self) -> None: 

148 user = self.create_user() 

149 # https://www.ofcom.org.uk/phones-telecoms-and-internet/information-for-industry/numbering/numbers-for-drama # noqa: E501 

150 user.phone_number = phonenumbers.parse("+447700900123") 

151 

152 a = OBSCURE_PHONE_ASTERISKS 

153 self.assertEqual(user.partial_phone_number, f"{a}23") 

154 

155 

156class UserPermissionTests(BasicDatabaseTestCase): 

157 def setUp(self) -> None: 

158 super().setUp() 

159 # Deliberately not in alphabetical order to test sorting 

160 self.group_c = self.create_group("groupc") 

161 self.group_b = self.create_group("groupb") 

162 self.group_a = self.create_group("groupa") 

163 self.group_d = self.create_group("groupd") 

164 self.dbsession.flush() 

165 

166 def test_groups_user_may_manage_patients_in(self) -> None: 

167 user = self.create_user(username="test") 

168 self.dbsession.flush() 

169 

170 self.create_membership(user, self.group_d, may_manage_patients=True) 

171 self.create_membership(user, self.group_c, may_manage_patients=True) 

172 self.create_membership(user, self.group_a, may_manage_patients=False) 

173 

174 self.assertEqual( 

175 [self.group_c, self.group_d], 

176 user.groups_user_may_manage_patients_in, 

177 ) 

178 

179 def test_groups_user_may_email_patients_in(self) -> None: 

180 user = self.create_user(username="test") 

181 self.dbsession.flush() 

182 

183 self.create_membership(user, self.group_d, may_email_patients=True) 

184 self.create_membership(user, self.group_c, may_email_patients=True) 

185 self.create_membership(user, self.group_a, may_email_patients=False) 

186 

187 self.assertEqual( 

188 [self.group_c, self.group_d], 

189 user.groups_user_may_email_patients_in, 

190 ) 

191 

192 def test_ids_of_groups_user_may_report_on(self) -> None: 

193 user = self.create_user(username="test") 

194 self.dbsession.flush() 

195 

196 self.create_membership(user, self.group_a, may_run_reports=False) 

197 self.create_membership(user, self.group_c, may_run_reports=True) 

198 self.create_membership(user, self.group_d, may_run_reports=True) 

199 

200 ids = user.ids_of_groups_user_may_report_on 

201 

202 self.assertIn(self.group_c.id, ids) 

203 self.assertIn(self.group_d.id, ids) 

204 self.assertNotIn(self.group_a.id, ids) 

205 self.assertNotIn(self.group_b.id, ids) 

206 

207 def test_ids_of_groups_superuser_may_report_on(self) -> None: 

208 user = self.create_user(username="test", superuser=True) 

209 self.dbsession.flush() 

210 

211 ids = user.ids_of_groups_user_may_report_on 

212 

213 self.assertIn(self.group_a.id, ids) 

214 self.assertIn(self.group_b.id, ids) 

215 self.assertIn(self.group_c.id, ids) 

216 self.assertIn(self.group_d.id, ids) 

217 

218 def test_ids_of_groups_user_is_admin_for(self) -> None: 

219 user = self.create_user(username="test") 

220 self.dbsession.flush() 

221 

222 self.create_membership(user, self.group_a, groupadmin=False) 

223 self.create_membership(user, self.group_c, groupadmin=True) 

224 self.create_membership(user, self.group_d, groupadmin=True) 

225 

226 ids = user.ids_of_groups_user_is_admin_for 

227 

228 self.assertIn(self.group_c.id, ids) 

229 self.assertIn(self.group_d.id, ids) 

230 self.assertNotIn(self.group_a.id, ids) 

231 self.assertNotIn(self.group_b.id, ids) 

232 

233 def test_ids_of_groups_superuser_is_admin_for(self) -> None: 

234 user = self.create_user(username="test", superuser=True) 

235 self.dbsession.flush() 

236 

237 ids = user.ids_of_groups_user_is_admin_for 

238 

239 self.assertIn(self.group_a.id, ids) 

240 self.assertIn(self.group_b.id, ids) 

241 self.assertIn(self.group_c.id, ids) 

242 self.assertIn(self.group_d.id, ids) 

243 

244 def test_names_of_groups_user_is_admin_for(self) -> None: 

245 user = self.create_user(username="test") 

246 self.dbsession.flush() 

247 

248 self.create_membership(user, self.group_a, groupadmin=False) 

249 self.create_membership(user, self.group_c, groupadmin=True) 

250 self.create_membership(user, self.group_d, groupadmin=True) 

251 

252 names = user.names_of_groups_user_is_admin_for 

253 

254 self.assertIn(self.group_c.name, names) 

255 self.assertIn(self.group_d.name, names) 

256 self.assertNotIn(self.group_a.name, names) 

257 self.assertNotIn(self.group_b.name, names) 

258 

259 def test_names_of_groups_superuser_is_admin_for(self) -> None: 

260 user = self.create_user(username="test", superuser=True) 

261 self.dbsession.flush() 

262 

263 names = user.names_of_groups_user_is_admin_for 

264 

265 self.assertIn(self.group_a.name, names) 

266 self.assertIn(self.group_b.name, names) 

267 self.assertIn(self.group_c.name, names) 

268 self.assertIn(self.group_d.name, names) 

269 

270 def test_groups_user_is_admin_for(self) -> None: 

271 user = self.create_user(username="test") 

272 self.dbsession.flush() 

273 

274 self.create_membership(user, self.group_a, groupadmin=False) 

275 self.create_membership(user, self.group_c, groupadmin=True) 

276 self.create_membership(user, self.group_d, groupadmin=True) 

277 

278 self.assertEqual( 

279 [self.group_c, self.group_d], user.groups_user_is_admin_for 

280 ) 

281 

282 def test_user_may_administer_group(self) -> None: 

283 user = self.create_user(username="test") 

284 self.dbsession.flush() 

285 

286 self.create_membership(user, self.group_a, groupadmin=False) 

287 self.create_membership(user, self.group_c, groupadmin=True) 

288 self.create_membership(user, self.group_d, groupadmin=True) 

289 self.dbsession.commit() 

290 

291 self.assertFalse(user.may_administer_group(self.group_a.id)) 

292 self.assertTrue(user.may_administer_group(self.group_c.id)) 

293 self.assertTrue(user.may_administer_group(self.group_d.id)) 

294 

295 def test_superuser_may_administer_group(self) -> None: 

296 user = self.create_user(username="test", superuser=True) 

297 self.dbsession.flush() 

298 

299 self.assertTrue(user.may_administer_group(self.group_a.id)) 

300 self.assertTrue(user.may_administer_group(self.group_b.id)) 

301 self.assertTrue(user.may_administer_group(self.group_c.id)) 

302 self.assertTrue(user.may_administer_group(self.group_d.id)) 

303 

304 def test_groups_user_may_dump(self) -> None: 

305 user = self.create_user(username="test") 

306 self.dbsession.flush() 

307 

308 self.create_membership(user, self.group_d, may_dump_data=True) 

309 self.create_membership(user, self.group_c, may_dump_data=True) 

310 self.create_membership(user, self.group_a, may_dump_data=False) 

311 

312 self.assertEqual( 

313 [self.group_c, self.group_d], user.groups_user_may_dump 

314 ) 

315 

316 def test_groups_user_may_report_on(self) -> None: 

317 user = self.create_user(username="test") 

318 self.dbsession.flush() 

319 

320 self.create_membership(user, self.group_d, may_run_reports=True) 

321 self.create_membership(user, self.group_c, may_run_reports=True) 

322 self.create_membership(user, self.group_a, may_run_reports=False) 

323 

324 self.assertEqual( 

325 [self.group_c, self.group_d], user.groups_user_may_report_on 

326 ) 

327 

328 def test_groups_user_may_upload_into(self) -> None: 

329 user = self.create_user(username="test") 

330 self.dbsession.flush() 

331 

332 self.create_membership(user, self.group_d, may_upload=True) 

333 self.create_membership(user, self.group_c, may_upload=True) 

334 self.create_membership(user, self.group_a, may_upload=False) 

335 

336 self.assertEqual( 

337 [self.group_c, self.group_d], user.groups_user_may_upload_into 

338 ) 

339 

340 def test_groups_user_may_add_special_notes(self) -> None: 

341 user = self.create_user(username="test") 

342 self.dbsession.flush() 

343 

344 self.create_membership(user, self.group_d, may_add_notes=True) 

345 self.create_membership(user, self.group_c, may_add_notes=True) 

346 self.create_membership(user, self.group_a, may_add_notes=False) 

347 

348 self.assertEqual( 

349 [self.group_c, self.group_d], 

350 user.groups_user_may_add_special_notes, 

351 ) 

352 

353 def test_groups_user_may_see_all_pts_when_unfiltered(self) -> None: 

354 user = self.create_user(username="test") 

355 self.dbsession.flush() 

356 

357 self.create_membership( 

358 user, self.group_d, view_all_patients_when_unfiltered=True 

359 ) 

360 self.create_membership( 

361 user, self.group_c, view_all_patients_when_unfiltered=True 

362 ) 

363 self.create_membership( 

364 user, self.group_a, view_all_patients_when_unfiltered=False 

365 ) 

366 

367 self.assertEqual( 

368 [self.group_c, self.group_d], 

369 user.groups_user_may_see_all_pts_when_unfiltered, 

370 ) 

371 

372 def test_is_a_group_admin(self) -> None: 

373 user = self.create_user(username="test") 

374 self.dbsession.flush() 

375 

376 self.create_membership(user, self.group_d, groupadmin=True) 

377 

378 self.assertTrue(user.is_a_groupadmin) 

379 

380 def test_is_not_a_group_admin(self) -> None: 

381 user = self.create_user(username="test") 

382 self.dbsession.flush() 

383 

384 self.create_membership(user, self.group_d, groupadmin=False) 

385 

386 self.assertFalse(user.is_a_groupadmin) 

387 

388 def test_authorized_as_groupadmin(self) -> None: 

389 user = self.create_user(username="test") 

390 self.dbsession.flush() 

391 

392 self.create_membership(user, self.group_d, groupadmin=True) 

393 

394 self.assertTrue(user.authorized_as_groupadmin) 

395 

396 def test_not_authorized_as_groupadmin(self) -> None: 

397 user = self.create_user(username="test") 

398 self.dbsession.flush() 

399 

400 self.create_membership(user, self.group_d, groupadmin=False) 

401 

402 self.assertFalse(user.authorized_as_groupadmin) 

403 

404 def test_superuser_authorized_as_groupadmin(self) -> None: 

405 user = self.create_user(username="test", superuser=True) 

406 self.dbsession.flush() 

407 

408 self.assertTrue(user.authorized_as_groupadmin) 

409 

410 def test_membership_for_group_id(self) -> None: 

411 user = self.create_user(username="test") 

412 self.dbsession.flush() 

413 

414 ugm = self.create_membership(user, self.group_a) 

415 

416 self.assertEqual(user.membership_for_group_id(self.group_a.id), ugm) 

417 

418 def test_no_membership_for_group_id(self) -> None: 

419 user = self.create_user(username="test") 

420 self.dbsession.flush() 

421 

422 self.assertIsNone(user.membership_for_group_id(self.group_a.id)) 

423 

424 def test_may_use_webviewer(self) -> None: 

425 user = self.create_user(username="test") 

426 self.dbsession.flush() 

427 

428 self.create_membership(user, self.group_a, may_use_webviewer=False) 

429 self.create_membership(user, self.group_c, may_use_webviewer=True) 

430 self.dbsession.commit() 

431 

432 self.assertTrue(user.may_use_webviewer) 

433 

434 def test_may_not_use_webviewer(self) -> None: 

435 user = self.create_user(username="test") 

436 self.dbsession.flush() 

437 

438 self.assertFalse(user.may_use_webviewer) 

439 

440 def test_superuser_may_use_webviewer(self) -> None: 

441 user = self.create_user(username="test", superuser=True) 

442 self.dbsession.flush() 

443 

444 self.assertTrue(user.may_use_webviewer) 

445 

446 def test_authorized_to_add_special_note(self) -> None: 

447 user = self.create_user(username="test") 

448 self.dbsession.flush() 

449 

450 self.create_membership(user, self.group_c, may_add_notes=True) 

451 self.dbsession.commit() 

452 

453 self.assertTrue(user.authorized_to_add_special_note(self.group_c.id)) 

454 

455 def test_not_authorized_to_add_special_note(self) -> None: 

456 user = self.create_user(username="test") 

457 self.dbsession.flush() 

458 

459 self.create_membership(user, self.group_c, may_add_notes=False) 

460 self.dbsession.commit() 

461 

462 self.assertFalse(user.authorized_to_add_special_note(self.group_c.id)) 

463 

464 def test_superuser_authorized_to_add_special_note(self) -> None: 

465 user = self.create_user(username="test", superuser=True) 

466 self.dbsession.flush() 

467 

468 self.assertTrue(user.authorized_to_add_special_note(self.group_c.id)) 

469 

470 def test_groupadmin_authorized_to_erase_tasks(self) -> None: 

471 user = self.create_user(username="test") 

472 self.dbsession.flush() 

473 

474 self.create_membership(user, self.group_c, groupadmin=True) 

475 self.dbsession.commit() 

476 

477 self.assertTrue(user.authorized_to_erase_tasks(self.group_c.id)) 

478 

479 def test_non_member_not_authorized_to_erase_tasks(self) -> None: 

480 user = self.create_user(username="test") 

481 self.dbsession.flush() 

482 

483 self.create_membership(user, self.group_a, groupadmin=True) 

484 self.dbsession.commit() 

485 

486 self.assertFalse(user.authorized_to_erase_tasks(self.group_c.id)) 

487 

488 def test_non_admin_not_authorized_to_erase_tasks(self) -> None: 

489 user = self.create_user(username="test") 

490 self.dbsession.flush() 

491 

492 self.create_membership(user, self.group_c) 

493 self.dbsession.commit() 

494 

495 self.assertFalse(user.authorized_to_erase_tasks(self.group_c.id)) 

496 

497 def test_superuser_authorized_to_erase_tasks(self) -> None: 

498 user = self.create_user(username="test", superuser=True) 

499 self.dbsession.flush() 

500 

501 self.assertTrue(user.authorized_to_erase_tasks(self.group_c.id)) 

502 

503 def test_authorized_to_dump(self) -> None: 

504 user = self.create_user(username="test") 

505 self.dbsession.flush() 

506 

507 self.create_membership(user, self.group_a, may_dump_data=False) 

508 self.create_membership(user, self.group_c, may_dump_data=True) 

509 self.dbsession.commit() 

510 

511 self.assertTrue(user.authorized_to_dump) 

512 

513 def test_not_authorized_to_dump(self) -> None: 

514 user = self.create_user(username="test") 

515 self.dbsession.flush() 

516 

517 self.assertFalse(user.authorized_to_dump) 

518 

519 def test_superuser_authorized_to_dump(self) -> None: 

520 user = self.create_user(username="test", superuser=True) 

521 self.dbsession.flush() 

522 

523 self.assertTrue(user.authorized_to_dump) 

524 

525 def test_authorized_for_reports(self) -> None: 

526 user = self.create_user(username="test") 

527 self.dbsession.flush() 

528 

529 self.create_membership(user, self.group_a, may_run_reports=False) 

530 self.create_membership(user, self.group_c, may_run_reports=True) 

531 self.dbsession.commit() 

532 

533 self.assertTrue(user.authorized_for_reports) 

534 

535 def test_not_authorized_for_reports(self) -> None: 

536 user = self.create_user(username="test") 

537 self.dbsession.flush() 

538 

539 self.assertFalse(user.authorized_for_reports) 

540 

541 def test_superuser_authorized_for_reports(self) -> None: 

542 user = self.create_user(username="test", superuser=True) 

543 self.dbsession.flush() 

544 

545 self.assertTrue(user.authorized_for_reports) 

546 

547 def test_may_view_all_patients_when_unfiltered(self) -> None: 

548 user = self.create_user(username="test") 

549 self.dbsession.flush() 

550 

551 self.create_membership( 

552 user, self.group_a, view_all_patients_when_unfiltered=True 

553 ) 

554 self.create_membership( 

555 user, self.group_c, view_all_patients_when_unfiltered=True 

556 ) 

557 self.dbsession.commit() 

558 

559 self.assertTrue(user.may_view_all_patients_when_unfiltered) 

560 

561 def test_may_not_view_all_patients_when_unfiltered(self) -> None: 

562 user = self.create_user(username="test") 

563 self.dbsession.flush() 

564 

565 self.create_membership( 

566 user, self.group_a, view_all_patients_when_unfiltered=True 

567 ) 

568 self.create_membership( 

569 user, self.group_c, view_all_patients_when_unfiltered=False 

570 ) 

571 self.dbsession.commit() 

572 

573 self.assertFalse(user.may_view_all_patients_when_unfiltered) 

574 

575 def test_superuser_may_view_all_patients_when_unfiltered(self) -> None: 

576 user = self.create_user(username="test", superuser=True) 

577 self.dbsession.flush() 

578 

579 self.assertTrue(user.may_view_all_patients_when_unfiltered) 

580 

581 def test_may_view_no_patients_when_unfiltered(self) -> None: 

582 user = self.create_user(username="test") 

583 self.dbsession.flush() 

584 

585 self.assertTrue(user.may_view_no_patients_when_unfiltered) 

586 

587 def test_may_not_view_no_patients_when_unfiltered(self) -> None: 

588 user = self.create_user(username="test") 

589 self.dbsession.flush() 

590 

591 self.create_membership( 

592 user, self.group_a, view_all_patients_when_unfiltered=True 

593 ) 

594 self.create_membership( 

595 user, self.group_c, view_all_patients_when_unfiltered=True 

596 ) 

597 self.dbsession.commit() 

598 

599 self.assertFalse(user.may_view_no_patients_when_unfiltered) 

600 

601 def test_superuser_may_not_view_no_patients_when_unfiltered(self) -> None: 

602 user = self.create_user(username="test", superuser=True) 

603 self.dbsession.flush() 

604 

605 self.assertFalse(user.may_view_no_patients_when_unfiltered) 

606 

607 def test_group_ids_that_nonsuperuser_may_see_when_unfiltered(self) -> None: 

608 user = self.create_user(username="test") 

609 self.dbsession.flush() 

610 

611 self.create_membership( 

612 user, self.group_a, view_all_patients_when_unfiltered=False 

613 ) 

614 self.create_membership( 

615 user, self.group_c, view_all_patients_when_unfiltered=True 

616 ) 

617 self.create_membership( 

618 user, self.group_d, view_all_patients_when_unfiltered=True 

619 ) 

620 

621 ids = user.group_ids_nonsuperuser_may_see_when_unfiltered() 

622 

623 self.assertIn(self.group_c.id, ids) 

624 self.assertIn(self.group_d.id, ids) 

625 self.assertNotIn(self.group_a.id, ids) 

626 self.assertNotIn(self.group_b.id, ids) 

627 

628 def test_may_upload_to_group(self) -> None: 

629 user = self.create_user(username="test") 

630 self.dbsession.flush() 

631 

632 self.create_membership(user, self.group_a, may_upload=True) 

633 self.dbsession.commit() 

634 

635 self.assertTrue(user.may_upload_to_group(self.group_a.id)) 

636 

637 def test_may_not_upload_to_group(self) -> None: 

638 user = self.create_user(username="test") 

639 self.dbsession.flush() 

640 

641 self.create_membership(user, self.group_a, may_upload=False) 

642 self.dbsession.commit() 

643 

644 self.assertFalse(user.may_upload_to_group(self.group_a.id)) 

645 

646 def test_superuser_may_upload_to_group(self) -> None: 

647 user = self.create_user(username="test", superuser=True) 

648 self.dbsession.flush() 

649 

650 self.assertTrue(user.may_upload_to_group(self.group_a.id)) 

651 

652 def test_may_upload_to_upload_group(self) -> None: 

653 user = self.create_user( 

654 username="test", upload_group_id=self.group_a.id 

655 ) 

656 self.dbsession.flush() 

657 

658 self.create_membership(user, self.group_a, may_upload=True) 

659 self.dbsession.commit() 

660 

661 self.assertTrue(user.may_upload) 

662 

663 def test_may_not_upload_with_no_upload_group(self) -> None: 

664 user = self.create_user(username="test") 

665 self.dbsession.flush() 

666 

667 self.create_membership(user, self.group_a, may_upload=True) 

668 self.dbsession.commit() 

669 

670 self.assertFalse(user.may_upload) 

671 

672 def test_may_not_upload_with_upload_group_but_no_permission(self) -> None: 

673 user = self.create_user( 

674 username="test", upload_group_id=self.group_a.id 

675 ) 

676 self.dbsession.flush() 

677 

678 self.create_membership(user, self.group_a, may_upload=False) 

679 self.dbsession.commit() 

680 

681 self.assertFalse(user.may_upload) 

682 

683 def test_may_register_devices_with_upload_group(self) -> None: 

684 user = self.create_user( 

685 username="test", upload_group_id=self.group_a.id 

686 ) 

687 self.dbsession.flush() 

688 

689 self.create_membership(user, self.group_a, may_register_devices=True) 

690 self.dbsession.commit() 

691 

692 self.assertTrue(user.may_register_devices) 

693 

694 def test_may_not_register_devices_with_no_upload_group(self) -> None: 

695 user = self.create_user(username="test") 

696 self.dbsession.flush() 

697 

698 self.assertFalse(user.may_register_devices) 

699 

700 def test_may_not_register_devices_with_upload_group_but_no_permission( 

701 self, 

702 ) -> None: 

703 user = self.create_user( 

704 username="test", upload_group_id=self.group_a.id 

705 ) 

706 self.dbsession.flush() 

707 

708 self.create_membership(user, self.group_a, may_register_devices=False) 

709 self.dbsession.commit() 

710 

711 self.assertFalse(user.may_register_devices) 

712 

713 def test_superuser_may_register_devices_with_upload_group(self) -> None: 

714 user = self.create_user( 

715 username="test", upload_group_id=self.group_a.id, superuser=True 

716 ) 

717 self.dbsession.flush() 

718 

719 self.assertTrue(user.may_register_devices) 

720 

721 def test_superuser_may_not_register_devices_with_no_upload_group( 

722 self, 

723 ) -> None: 

724 user = self.create_user(username="test", superuser=True) 

725 self.dbsession.flush() 

726 

727 self.assertFalse(user.may_register_devices) 

728 

729 def test_authorized_to_manage_patients(self) -> None: 

730 user = self.create_user(username="test") 

731 self.dbsession.flush() 

732 

733 self.create_membership(user, self.group_a, may_manage_patients=False) 

734 self.create_membership(user, self.group_c, may_manage_patients=True) 

735 self.dbsession.commit() 

736 

737 self.assertTrue(user.authorized_to_manage_patients) 

738 

739 def test_not_authorized_to_manage_patients(self) -> None: 

740 user = self.create_user(username="test") 

741 self.dbsession.flush() 

742 

743 self.assertFalse(user.authorized_to_manage_patients) 

744 

745 def test_groupadmin_authorized_to_manage_patients(self) -> None: 

746 user = self.create_user(username="test") 

747 self.dbsession.flush() 

748 

749 self.create_membership(user, self.group_a, groupadmin=True) 

750 

751 self.assertTrue(user.authorized_to_manage_patients) 

752 

753 def test_superuser_authorized_to_manage_patients(self) -> None: 

754 user = self.create_user(username="test", superuser=True) 

755 self.dbsession.flush() 

756 

757 self.assertTrue(user.authorized_to_manage_patients) 

758 

759 def test_user_may_manage_patients_in_group(self) -> None: 

760 user = self.create_user(username="test") 

761 self.dbsession.flush() 

762 

763 self.create_membership(user, self.group_a, may_manage_patients=False) 

764 self.create_membership(user, self.group_c, may_manage_patients=True) 

765 self.create_membership(user, self.group_d, may_manage_patients=True) 

766 self.dbsession.commit() 

767 

768 self.assertFalse(user.may_manage_patients_in_group(self.group_a.id)) 

769 self.assertTrue(user.may_manage_patients_in_group(self.group_c.id)) 

770 self.assertTrue(user.may_manage_patients_in_group(self.group_d.id)) 

771 

772 def test_groupadmin_may_manage_patients_in_group(self) -> None: 

773 user = self.create_user(username="test") 

774 self.dbsession.flush() 

775 

776 self.create_membership(user, self.group_a, groupadmin=False) 

777 self.create_membership(user, self.group_c, groupadmin=True) 

778 self.create_membership(user, self.group_d, groupadmin=True) 

779 self.dbsession.commit() 

780 

781 self.assertFalse(user.may_manage_patients_in_group(self.group_a.id)) 

782 self.assertTrue(user.may_manage_patients_in_group(self.group_c.id)) 

783 self.assertTrue(user.may_manage_patients_in_group(self.group_d.id)) 

784 

785 def test_superuser_may_manage_patients_in_group(self) -> None: 

786 user = self.create_user(username="test", superuser=True) 

787 self.dbsession.flush() 

788 

789 self.assertTrue(user.may_manage_patients_in_group(self.group_a.id)) 

790 self.assertTrue(user.may_manage_patients_in_group(self.group_b.id)) 

791 self.assertTrue(user.may_manage_patients_in_group(self.group_c.id)) 

792 self.assertTrue(user.may_manage_patients_in_group(self.group_d.id)) 

793 

794 def test_authorized_to_email_patients(self) -> None: 

795 user = self.create_user(username="test") 

796 self.dbsession.flush() 

797 

798 self.create_membership(user, self.group_a, may_email_patients=False) 

799 self.create_membership(user, self.group_c, may_email_patients=True) 

800 self.dbsession.commit() 

801 

802 self.assertTrue(user.authorized_to_email_patients) 

803 

804 def test_not_authorized_to_email_patients(self) -> None: 

805 user = self.create_user(username="test") 

806 self.dbsession.flush() 

807 

808 self.assertFalse(user.authorized_to_email_patients) 

809 

810 def test_groupadmin_authorized_to_email_patients(self) -> None: 

811 user = self.create_user(username="test") 

812 self.dbsession.flush() 

813 

814 self.create_membership(user, self.group_a, groupadmin=True) 

815 

816 self.assertTrue(user.authorized_to_email_patients) 

817 

818 def test_superuser_authorized_to_email_patients(self) -> None: 

819 user = self.create_user(username="test", superuser=True) 

820 self.dbsession.flush() 

821 

822 self.assertTrue(user.authorized_to_email_patients) 

823 

824 def test_user_may_email_patients_in_group(self) -> None: 

825 user = self.create_user(username="test") 

826 self.dbsession.flush() 

827 

828 self.create_membership(user, self.group_a, may_email_patients=False) 

829 self.create_membership(user, self.group_c, may_email_patients=True) 

830 self.create_membership(user, self.group_d, may_email_patients=True) 

831 self.dbsession.commit() 

832 

833 self.assertFalse(user.may_email_patients_in_group(self.group_a.id)) 

834 self.assertTrue(user.may_email_patients_in_group(self.group_c.id)) 

835 self.assertTrue(user.may_email_patients_in_group(self.group_d.id)) 

836 

837 def test_groupadmin_may_email_patients_in_group(self) -> None: 

838 user = self.create_user(username="test") 

839 self.dbsession.flush() 

840 

841 self.create_membership(user, self.group_a, groupadmin=False) 

842 self.create_membership(user, self.group_c, groupadmin=True) 

843 self.create_membership(user, self.group_d, groupadmin=True) 

844 self.dbsession.commit() 

845 

846 self.assertFalse(user.may_email_patients_in_group(self.group_a.id)) 

847 self.assertTrue(user.may_email_patients_in_group(self.group_c.id)) 

848 self.assertTrue(user.may_email_patients_in_group(self.group_d.id)) 

849 

850 def test_superuser_may_email_patients_in_group(self) -> None: 

851 user = self.create_user(username="test", superuser=True) 

852 self.dbsession.flush() 

853 

854 self.assertTrue(user.may_email_patients_in_group(self.group_a.id)) 

855 self.assertTrue(user.may_email_patients_in_group(self.group_b.id)) 

856 self.assertTrue(user.may_email_patients_in_group(self.group_c.id)) 

857 self.assertTrue(user.may_email_patients_in_group(self.group_d.id))