#!/usr/bin/env python
"""
camcops_server/cc_modules/tests/cc_user_tests.py
===============================================================================
Copyright (C) 2012, University of Cambridge, Department of Psychiatry.
Created by Rudolf Cardinal (rnc1001@cam.ac.uk).
This file is part of CamCOPS.
CamCOPS is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
CamCOPS is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with CamCOPS. If not, see <https://www.gnu.org/licenses/>.
===============================================================================
"""
from pendulum import DateTime as Pendulum
import phonenumbers
from camcops_server.cc_modules.cc_constants import (
OBSCURE_EMAIL_ASTERISKS,
OBSCURE_PHONE_ASTERISKS,
)
from camcops_server.cc_modules.cc_group import Group
from camcops_server.cc_modules.cc_unittest import (
BasicDatabaseTestCase,
DemoDatabaseTestCase,
)
from camcops_server.cc_modules.cc_user import (
SecurityAccountLockout,
SecurityLoginFailure,
User,
)
# =============================================================================
# Unit testing
# =============================================================================
[docs]class UserTests(DemoDatabaseTestCase):
"""
Unit tests.
"""
def test_user(self) -> None:
self.announce("test_user")
req = self.req
SecurityAccountLockout.delete_old_account_lockouts(req)
self.assertIsInstance(
SecurityAccountLockout.is_user_locked_out(req, "dummy_user"), bool
)
self.assertIsInstanceOrNone(
SecurityAccountLockout.user_locked_out_until(req, "dummy_user"),
Pendulum,
)
self.assertIsInstance(
SecurityLoginFailure.how_many_login_failures(req, "dummy_user"),
int,
)
SecurityLoginFailure.clear_login_failures_for_nonexistent_users(req)
SecurityLoginFailure.clear_dummy_login_failures_if_necessary(req)
SecurityLoginFailure.clear_dummy_login_failures_if_necessary(req)
# ... do it twice (we had a bug relating to offset-aware vs
# offset-naive date/time objects).
self.assertIsInstance(User.is_username_permissible("some_user"), bool)
User.take_some_time_mimicking_password_encryption()
u = self.dbsession.query(User).first() # type: User
assert u, "Missing user in demo database!"
g = self.dbsession.query(Group).first() # type: Group
assert g, "Missing group in demo database!"
self.assertIsInstance(u.is_password_correct("dummy_password"), bool)
self.assertIsInstance(u.must_agree_terms, bool)
u.agree_terms(req)
u.clear_login_failures(req)
self.assertIsInstance(u.is_locked_out(req), bool)
self.assertIsInstanceOrNone(u.locked_out_until(req), Pendulum)
u.enable(req)
self.assertIsInstance(u.may_login_as_tablet, bool)
# TODO: cc_user.UserTests: could do more here
self.assertIsInstance(u.authorized_as_groupadmin, bool)
self.assertIsInstance(u.may_use_webviewer, bool)
self.assertIsInstance(u.authorized_to_add_special_note(g.id), bool)
self.assertIsInstance(u.authorized_to_erase_tasks(g.id), bool)
self.assertIsInstance(u.authorized_to_dump, bool)
self.assertIsInstance(u.authorized_for_reports, bool)
self.assertIsInstance(u.may_view_all_patients_when_unfiltered, bool)
self.assertIsInstance(u.may_view_no_patients_when_unfiltered, bool)
self.assertIsInstance(u.may_upload_to_group(g.id), bool)
self.assertIsInstance(u.may_upload, bool)
self.assertIsInstance(u.may_register_devices, bool)
def test_partial_email(self) -> None:
# https://en.wikipedia.org/wiki/Email_address
a = OBSCURE_EMAIL_ASTERISKS
tests = (
("simple@example.com", f"s{a}e@example.com"),
("very.common@example.com", f"v{a}n@example.com"),
(
"disposable.style.email.with+symbol@example.com",
f"d{a}l@example.com",
),
("other.email-with-hyphen@example.com", f"o{a}n@example.com"),
("x@example.com", f"x{a}x@example.com"),
(
"example-indeed@strange-example.com",
f"e{a}d@strange-example.com",
),
("test/test@test.com", f"t{a}t@test.com"),
("admin@mailserver1", f"a{a}n@mailserver1"),
("example@s.example", f"e{a}e@s.example"),
('" "@example.org', f'"{a}"@example.org'),
('"john..doe"@example.org', f'"{a}"@example.org'),
("mailhost!username@example.org", f"m{a}e@example.org"),
("user%example.com@example.org", f"u{a}m@example.org"),
("user-@example.org", f"u{a}-@example.org"),
("very.unusual.”@”.unusual.com@example.com", f"v{a}m@example.com"),
)
user = self.create_user()
for email, expected_partial in tests:
user.email = email
self.assertEqual(
user.partial_email, expected_partial, msg=f"Failed for {email}"
)
def test_partial_phone_number(self) -> None:
user = self.create_user()
# https://www.ofcom.org.uk/phones-telecoms-and-internet/information-for-industry/numbering/numbers-for-drama # noqa: E501
user.phone_number = phonenumbers.parse("+447700900123")
a = OBSCURE_PHONE_ASTERISKS
self.assertEqual(user.partial_phone_number, f"{a}23")
[docs]class UserPermissionTests(BasicDatabaseTestCase):
[docs] def setUp(self) -> None:
super().setUp()
# Deliberately not in alphabetical order to test sorting
self.group_c = self.create_group("groupc")
self.group_b = self.create_group("groupb")
self.group_a = self.create_group("groupa")
self.group_d = self.create_group("groupd")
self.dbsession.flush()
def test_groups_user_may_manage_patients_in(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_manage_patients=True)
self.create_membership(user, self.group_c, may_manage_patients=True)
self.create_membership(user, self.group_a, may_manage_patients=False)
self.assertEqual(
[self.group_c, self.group_d],
user.groups_user_may_manage_patients_in,
)
def test_groups_user_may_email_patients_in(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_email_patients=True)
self.create_membership(user, self.group_c, may_email_patients=True)
self.create_membership(user, self.group_a, may_email_patients=False)
self.assertEqual(
[self.group_c, self.group_d],
user.groups_user_may_email_patients_in,
)
def test_ids_of_groups_user_may_report_on(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_run_reports=False)
self.create_membership(user, self.group_c, may_run_reports=True)
self.create_membership(user, self.group_d, may_run_reports=True)
ids = user.ids_of_groups_user_may_report_on
self.assertIn(self.group_c.id, ids)
self.assertIn(self.group_d.id, ids)
self.assertNotIn(self.group_a.id, ids)
self.assertNotIn(self.group_b.id, ids)
def test_ids_of_groups_superuser_may_report_on(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
ids = user.ids_of_groups_user_may_report_on
self.assertIn(self.group_a.id, ids)
self.assertIn(self.group_b.id, ids)
self.assertIn(self.group_c.id, ids)
self.assertIn(self.group_d.id, ids)
def test_ids_of_groups_user_is_admin_for(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
ids = user.ids_of_groups_user_is_admin_for
self.assertIn(self.group_c.id, ids)
self.assertIn(self.group_d.id, ids)
self.assertNotIn(self.group_a.id, ids)
self.assertNotIn(self.group_b.id, ids)
def test_ids_of_groups_superuser_is_admin_for(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
ids = user.ids_of_groups_user_is_admin_for
self.assertIn(self.group_a.id, ids)
self.assertIn(self.group_b.id, ids)
self.assertIn(self.group_c.id, ids)
self.assertIn(self.group_d.id, ids)
def test_names_of_groups_user_is_admin_for(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
names = user.names_of_groups_user_is_admin_for
self.assertIn(self.group_c.name, names)
self.assertIn(self.group_d.name, names)
self.assertNotIn(self.group_a.name, names)
self.assertNotIn(self.group_b.name, names)
def test_names_of_groups_superuser_is_admin_for(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
names = user.names_of_groups_user_is_admin_for
self.assertIn(self.group_a.name, names)
self.assertIn(self.group_b.name, names)
self.assertIn(self.group_c.name, names)
self.assertIn(self.group_d.name, names)
def test_groups_user_is_admin_for(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
self.assertEqual(
[self.group_c, self.group_d], user.groups_user_is_admin_for
)
def test_user_may_administer_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
self.dbsession.commit()
self.assertFalse(user.may_administer_group(self.group_a.id))
self.assertTrue(user.may_administer_group(self.group_c.id))
self.assertTrue(user.may_administer_group(self.group_d.id))
def test_superuser_may_administer_group(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_administer_group(self.group_a.id))
self.assertTrue(user.may_administer_group(self.group_b.id))
self.assertTrue(user.may_administer_group(self.group_c.id))
self.assertTrue(user.may_administer_group(self.group_d.id))
def test_groups_user_may_dump(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_dump_data=True)
self.create_membership(user, self.group_c, may_dump_data=True)
self.create_membership(user, self.group_a, may_dump_data=False)
self.assertEqual(
[self.group_c, self.group_d], user.groups_user_may_dump
)
def test_groups_user_may_report_on(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_run_reports=True)
self.create_membership(user, self.group_c, may_run_reports=True)
self.create_membership(user, self.group_a, may_run_reports=False)
self.assertEqual(
[self.group_c, self.group_d], user.groups_user_may_report_on
)
def test_groups_user_may_upload_into(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_upload=True)
self.create_membership(user, self.group_c, may_upload=True)
self.create_membership(user, self.group_a, may_upload=False)
self.assertEqual(
[self.group_c, self.group_d], user.groups_user_may_upload_into
)
def test_groups_user_may_add_special_notes(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, may_add_notes=True)
self.create_membership(user, self.group_c, may_add_notes=True)
self.create_membership(user, self.group_a, may_add_notes=False)
self.assertEqual(
[self.group_c, self.group_d],
user.groups_user_may_add_special_notes,
)
def test_groups_user_may_see_all_pts_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(
user, self.group_d, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_c, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_a, view_all_patients_when_unfiltered=False
)
self.assertEqual(
[self.group_c, self.group_d],
user.groups_user_may_see_all_pts_when_unfiltered,
)
def test_is_a_group_admin(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, groupadmin=True)
self.assertTrue(user.is_a_groupadmin)
def test_is_not_a_group_admin(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, groupadmin=False)
self.assertFalse(user.is_a_groupadmin)
def test_authorized_as_groupadmin(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, groupadmin=True)
self.assertTrue(user.authorized_as_groupadmin)
def test_not_authorized_as_groupadmin(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_d, groupadmin=False)
self.assertFalse(user.authorized_as_groupadmin)
def test_superuser_authorized_as_groupadmin(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_as_groupadmin)
def test_membership_for_group_id(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
ugm = self.create_membership(user, self.group_a)
self.assertEqual(user.membership_for_group_id(self.group_a.id), ugm)
def test_no_membership_for_group_id(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertIsNone(user.membership_for_group_id(self.group_a.id))
def test_may_use_webviewer(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_use_webviewer=False)
self.create_membership(user, self.group_c, may_use_webviewer=True)
self.dbsession.commit()
self.assertTrue(user.may_use_webviewer)
def test_may_not_use_webviewer(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.may_use_webviewer)
def test_superuser_may_use_webviewer(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_use_webviewer)
def test_authorized_to_add_special_note(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_c, may_add_notes=True)
self.dbsession.commit()
self.assertTrue(user.authorized_to_add_special_note(self.group_c.id))
def test_not_authorized_to_add_special_note(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_c, may_add_notes=False)
self.dbsession.commit()
self.assertFalse(user.authorized_to_add_special_note(self.group_c.id))
def test_superuser_authorized_to_add_special_note(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_to_add_special_note(self.group_c.id))
def test_groupadmin_authorized_to_erase_tasks(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_c, groupadmin=True)
self.dbsession.commit()
self.assertTrue(user.authorized_to_erase_tasks(self.group_c.id))
def test_non_member_not_authorized_to_erase_tasks(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=True)
self.dbsession.commit()
self.assertFalse(user.authorized_to_erase_tasks(self.group_c.id))
def test_non_admin_not_authorized_to_erase_tasks(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_c)
self.dbsession.commit()
self.assertFalse(user.authorized_to_erase_tasks(self.group_c.id))
def test_superuser_authorized_to_erase_tasks(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_to_erase_tasks(self.group_c.id))
def test_authorized_to_dump(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_dump_data=False)
self.create_membership(user, self.group_c, may_dump_data=True)
self.dbsession.commit()
self.assertTrue(user.authorized_to_dump)
def test_not_authorized_to_dump(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.authorized_to_dump)
def test_superuser_authorized_to_dump(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_to_dump)
def test_authorized_for_reports(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_run_reports=False)
self.create_membership(user, self.group_c, may_run_reports=True)
self.dbsession.commit()
self.assertTrue(user.authorized_for_reports)
def test_not_authorized_for_reports(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.authorized_for_reports)
def test_superuser_authorized_for_reports(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_for_reports)
def test_may_view_all_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(
user, self.group_a, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_c, view_all_patients_when_unfiltered=True
)
self.dbsession.commit()
self.assertTrue(user.may_view_all_patients_when_unfiltered)
def test_may_not_view_all_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(
user, self.group_a, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_c, view_all_patients_when_unfiltered=False
)
self.dbsession.commit()
self.assertFalse(user.may_view_all_patients_when_unfiltered)
def test_superuser_may_view_all_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_view_all_patients_when_unfiltered)
def test_may_view_no_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertTrue(user.may_view_no_patients_when_unfiltered)
def test_may_not_view_no_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(
user, self.group_a, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_c, view_all_patients_when_unfiltered=True
)
self.dbsession.commit()
self.assertFalse(user.may_view_no_patients_when_unfiltered)
def test_superuser_may_not_view_no_patients_when_unfiltered(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertFalse(user.may_view_no_patients_when_unfiltered)
def test_group_ids_that_nonsuperuser_may_see_when_unfiltered(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(
user, self.group_a, view_all_patients_when_unfiltered=False
)
self.create_membership(
user, self.group_c, view_all_patients_when_unfiltered=True
)
self.create_membership(
user, self.group_d, view_all_patients_when_unfiltered=True
)
ids = user.group_ids_nonsuperuser_may_see_when_unfiltered()
self.assertIn(self.group_c.id, ids)
self.assertIn(self.group_d.id, ids)
self.assertNotIn(self.group_a.id, ids)
self.assertNotIn(self.group_b.id, ids)
def test_may_upload_to_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_upload=True)
self.dbsession.commit()
self.assertTrue(user.may_upload_to_group(self.group_a.id))
def test_may_not_upload_to_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_upload=False)
self.dbsession.commit()
self.assertFalse(user.may_upload_to_group(self.group_a.id))
def test_superuser_may_upload_to_group(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_upload_to_group(self.group_a.id))
def test_may_upload_to_upload_group(self) -> None:
user = self.create_user(
username="test", upload_group_id=self.group_a.id
)
self.dbsession.flush()
self.create_membership(user, self.group_a, may_upload=True)
self.dbsession.commit()
self.assertTrue(user.may_upload)
def test_may_not_upload_with_no_upload_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_upload=True)
self.dbsession.commit()
self.assertFalse(user.may_upload)
def test_may_not_upload_with_upload_group_but_no_permission(self) -> None:
user = self.create_user(
username="test", upload_group_id=self.group_a.id
)
self.dbsession.flush()
self.create_membership(user, self.group_a, may_upload=False)
self.dbsession.commit()
self.assertFalse(user.may_upload)
def test_may_register_devices_with_upload_group(self) -> None:
user = self.create_user(
username="test", upload_group_id=self.group_a.id
)
self.dbsession.flush()
self.create_membership(user, self.group_a, may_register_devices=True)
self.dbsession.commit()
self.assertTrue(user.may_register_devices)
def test_may_not_register_devices_with_no_upload_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.may_register_devices)
def test_may_not_register_devices_with_upload_group_but_no_permission(
self,
) -> None:
user = self.create_user(
username="test", upload_group_id=self.group_a.id
)
self.dbsession.flush()
self.create_membership(user, self.group_a, may_register_devices=False)
self.dbsession.commit()
self.assertFalse(user.may_register_devices)
def test_superuser_may_register_devices_with_upload_group(self) -> None:
user = self.create_user(
username="test", upload_group_id=self.group_a.id, superuser=True
)
self.dbsession.flush()
self.assertTrue(user.may_register_devices)
def test_superuser_may_not_register_devices_with_no_upload_group(
self,
) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertFalse(user.may_register_devices)
def test_authorized_to_manage_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_manage_patients=False)
self.create_membership(user, self.group_c, may_manage_patients=True)
self.dbsession.commit()
self.assertTrue(user.authorized_to_manage_patients)
def test_not_authorized_to_manage_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.authorized_to_manage_patients)
def test_groupadmin_authorized_to_manage_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=True)
self.assertTrue(user.authorized_to_manage_patients)
def test_superuser_authorized_to_manage_patients(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_to_manage_patients)
def test_user_may_manage_patients_in_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_manage_patients=False)
self.create_membership(user, self.group_c, may_manage_patients=True)
self.create_membership(user, self.group_d, may_manage_patients=True)
self.dbsession.commit()
self.assertFalse(user.may_manage_patients_in_group(self.group_a.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_c.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_d.id))
def test_groupadmin_may_manage_patients_in_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
self.dbsession.commit()
self.assertFalse(user.may_manage_patients_in_group(self.group_a.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_c.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_d.id))
def test_superuser_may_manage_patients_in_group(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_manage_patients_in_group(self.group_a.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_b.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_c.id))
self.assertTrue(user.may_manage_patients_in_group(self.group_d.id))
def test_authorized_to_email_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_email_patients=False)
self.create_membership(user, self.group_c, may_email_patients=True)
self.dbsession.commit()
self.assertTrue(user.authorized_to_email_patients)
def test_not_authorized_to_email_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.assertFalse(user.authorized_to_email_patients)
def test_groupadmin_authorized_to_email_patients(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=True)
self.assertTrue(user.authorized_to_email_patients)
def test_superuser_authorized_to_email_patients(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.authorized_to_email_patients)
def test_user_may_email_patients_in_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, may_email_patients=False)
self.create_membership(user, self.group_c, may_email_patients=True)
self.create_membership(user, self.group_d, may_email_patients=True)
self.dbsession.commit()
self.assertFalse(user.may_email_patients_in_group(self.group_a.id))
self.assertTrue(user.may_email_patients_in_group(self.group_c.id))
self.assertTrue(user.may_email_patients_in_group(self.group_d.id))
def test_groupadmin_may_email_patients_in_group(self) -> None:
user = self.create_user(username="test")
self.dbsession.flush()
self.create_membership(user, self.group_a, groupadmin=False)
self.create_membership(user, self.group_c, groupadmin=True)
self.create_membership(user, self.group_d, groupadmin=True)
self.dbsession.commit()
self.assertFalse(user.may_email_patients_in_group(self.group_a.id))
self.assertTrue(user.may_email_patients_in_group(self.group_c.id))
self.assertTrue(user.may_email_patients_in_group(self.group_d.id))
def test_superuser_may_email_patients_in_group(self) -> None:
user = self.create_user(username="test", superuser=True)
self.dbsession.flush()
self.assertTrue(user.may_email_patients_in_group(self.group_a.id))
self.assertTrue(user.may_email_patients_in_group(self.group_b.id))
self.assertTrue(user.may_email_patients_in_group(self.group_c.id))
self.assertTrue(user.may_email_patients_in_group(self.group_d.id))