[#127] refactor namings

commonsServer/tests/test_viewsets.py

@@ -184,6 +184,32 @@ def test_create_application(self):
         self.client.post(reverse('application'), data={'name': 'newapp'})
         self.assertEqual(1, len(Application.objects.filter(name='newapp')))
 
+    def test_get_application_by_name(self):
+        """
+        Check it's possible to get an application case by name
+        """
+        self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='view_application', content_type=self.content_type_application)))
+        response = self.client.get(reverse('application'), data={'name': 'app1'})
+        self.assertEqual(1, response.data['id'])
+
+    def test_get_application_by_name_with_application_restriction(self):
+        """
+        Check it's possible to get an application case by name when application restriction is set
+        """
+        with self.settings(RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN=True):
+            self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='can_view_application_app1', content_type=self.content_type_application)))
+            response = self.client.get(reverse('application'), data={'name': 'app1'})
+            self.assertEqual(1, response.data['id'])
+
+    def test_get_application_by_name_with_application_restriction2(self):
+        """
+        Check it's NOT possible to get an application case by name when application restriction is set and the application does not correspond to app on which user has permission
+        """
+        with self.settings(RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN=True):
+            self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='can_view_application_app1')))
+            response = self.client.get(reverse('application'), data={'name': 'app2'})
+            self.assertEqual(403, response.status_code)
+
     def test_create_application_forbidden(self):
         """
         Check it's NOT possible to add an application without 'add_application' permission
@@ -241,6 +267,24 @@ def test_create_environment_with_application_restriction(self):
             self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='can_view_application_app1')))
             response = self.client.post(reverse('environment'), data={'name': 'newenv'})
             self.assertEqual(403, response.status_code)
+
+    def test_get_environment_by_name(self):
+        """
+        Check it's possible to get an environment case by name
+        """
+        self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='view_testenvironment', content_type=self.content_type_environment)))
+        response = self.client.get(reverse('environment'), data={'name': 'DEV'})
+        self.assertEqual(1, response.data['id'])
+
+    def test_get_environment_by_name_with_application_restriction(self):
+        """
+        Check it's possible to get an environment by name when application restriction is set
+        """
+        with self.settings(RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN=True):
+            self._create_and_authenticate_user_with_permissions(Permission.objects.filter(Q(codename='can_view_application_app1')))
+            response = self.client.get(reverse('environment'), data={'name': 'DEV'})
+            self.assertEqual(1, response.data['id'])
+
 
     def test_create_environment_with_application_restriction2(self):
         """

commonsServer/views/viewsets.py

@@ -91,12 +91,12 @@ def check_object_permissions(self, request, obj):
         if not settings.RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN or has_model_permission:
             return viewsets.ModelViewSet.check_object_permissions(self, request, obj)
 
-        if obj and obj.application:
+        elif obj and obj.application:
             permission = BaseServerModelAdmin.APP_SPECIFIC_PERMISSION_PREFIX + obj.application.name
             if not self.request.user.has_perm(permission):
                 self.permission_denied(
                     request,
-                    message="You don't have rights for application %s" % obj.application,
+                    message="You don't have rights for application %s" % obj.application.name,
                     code=None
                 )
         else:
@@ -139,6 +139,32 @@ class ApplicationViewSet(RetrieveByNameViewSet):
     def get_object(self):
         return super().get_object(Application)
 
+    def check_object_permissions(self, request, obj):
+        """
+        Check user has permission on object
+        It has permission if:
+        - it has permission on model
+        - it has permission on application, if application restriction is set
+        """
+
+        model_permissions = []
+        for permission in self.get_permissions():
+            model_permissions += permission.get_required_permissions(request.method, obj.__class__)
+
+        has_model_permission = any([self.request.user.has_perm(model_permission) for model_permission in model_permissions])
+
+        if not settings.RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN or has_model_permission:
+            return viewsets.ModelViewSet.check_object_permissions(self, request, obj)
+
+        permission = BaseServerModelAdmin.APP_SPECIFIC_PERMISSION_PREFIX + obj.name
+        if not self.request.user.has_perm(permission):
+            self.permission_denied(
+                request,
+                message="You don't have rights for application %s" % obj.name,
+                code=None
+            )
+
+
 class VersionViewSet(RetrieveByNameViewSet):
     queryset = Version.objects.none()
     serializer_class = VersionSerializer
@@ -152,6 +178,32 @@ class TestEnvironmentViewSet(RetrieveByNameViewSet):
 
     def get_object(self):
         return super().get_object(TestEnvironment)
+
+    def check_object_permissions(self, request, obj):
+        """
+        Check user has permission on object
+        It has permission if:
+        - it has permission on model
+        - it has permission on application, if application restriction is set
+        """
+
+        model_permissions = []
+        for permission in self.get_permissions():
+            model_permissions += permission.get_required_permissions(request.method, obj.__class__)
+
+        has_model_permission = any([self.request.user.has_perm(model_permission) for model_permission in model_permissions])
+
+        if not settings.RESTRICT_ACCESS_TO_APPLICATION_IN_ADMIN or has_model_permission:
+            return viewsets.ModelViewSet.check_object_permissions(self, request, obj)
+
+        if self.request.method != 'GET':
+            self.permission_denied(
+                request,
+                message="You don't have rights to change environment %s" % obj.name,
+                code=None
+            )
+
+        # when application restrictions is set, we allow to see all environments as there is no link between application and environment
 
 class TestCaseViewSet(RetrieveByNameViewSet):
     queryset = TestCase.objects.none()

elementInfoServer/tests/test_api.py

@@ -6,8 +6,8 @@
 from django.urls.base import reverse
 from rest_framework.test import APITestCase
 from elementInfoServer.models import ElementInfo
-from django.contrib.auth.models import User
-from rest_framework.authtoken.models import Token
+from django.contrib.auth.models import User, Group, Permission
+from django.db.models import Q
 
 class TestApi(APITestCase):
     '''
@@ -16,14 +16,18 @@ class TestApi(APITestCase):
     '''
     fixtures = ['elementInfoServer.yaml']
 
+
     def setUp(self):
         """
         Set up token connection
         """
-        self.user = User.objects.create_user(username='user', password='pwd')
-        token = Token.objects.get_or_create(user=self.user)[0]
-        self.client.credentials(HTTP_AUTHORIZATION='Token ' + token.key)
-
+        self.user = User.objects.create_user(username='userApi', password='pwd')
+        self.client.force_authenticate(user=self.user)
+
+        users_group, created = Group.objects.get_or_create(name='Users')
+
+        users_group.permissions.add(*Permission.objects.filter(Q(codename='view_elementinfo')))
+        users_group.user_set.add(self.user)
 
     def test_elementinfo_deletion(self):
         """

snapshotServer/tests/__init__.py

@@ -18,9 +18,9 @@ def _create_allowed_user_and_group():
     ct = ContentType.objects.get_for_model(snapshotServer.models.ExcludeZone)
     group.permissions.add(*Permission.objects.filter(Q(codename='add_excludezone') | Q(codename='change_excludezone') | Q(codename='delete_excludezone') , content_type=ct))
     ct = ContentType.objects.get_for_model(snapshotServer.models.Snapshot)
-    group.permissions.add(*Permission.objects.filter(Q(codename='add_snapshot') | Q(codename='change_snapshot') | Q(codename='delete_snapshot') , content_type=ct))
+    group.permissions.add(*Permission.objects.filter(Q(codename='add_snapshot') | Q(codename='change_snapshot') | Q(codename='view_snapshot') | Q(codename='delete_snapshot') , content_type=ct))
     ct = ContentType.objects.get_for_model(snapshotServer.models.StepResult)
-    group.permissions.add(*Permission.objects.filter(Q(codename='add_stepresult') | Q(codename='change_stepresult') , content_type=ct))
+    group.permissions.add(*Permission.objects.filter(Q(codename='add_stepresult') | Q(codename='change_stepresult') | Q(codename='view_stepresult') , content_type=ct))
 
     ct = ContentType.objects.get_for_model(snapshotServer.models.TestCaseInSession)
     group.permissions.add(*Permission.objects.filter(Q(codename='add_testcaseinsession') | Q(codename='change_testcaseinsession') , content_type=ct))

snapshotServer/tests/views/test_ApplicationListView.py → snapshotServer/tests/views/test_application_list_view.py

@@ -5,7 +5,7 @@
 '''
 
 from django.urls.base import reverse
-from snapshotServer.tests.views.Test_Views import TestViews
+from snapshotServer.tests.views.test_views import TestViews
 
 
 class Test_ApplicationListView(TestViews):

snapshotServer/tests/views/test_FieldDetectorView.py → snapshotServer/tests/views/test_field_detector_view.py

@@ -41,7 +41,7 @@ def _post_teardown(self):
 
 
     def setUp(self):
-        print(unittest.TestCase.id(self))
+
         authenticate_test_client_for_api(self.client)
 
         self.testCase = TestCase(name='test upload', application=Application.objects.get(id=1))

snapshotServer/tests/views/test_PictureView.py → snapshotServer/tests/views/test_picture_view.py

@@ -9,7 +9,7 @@
 
 from snapshotServer.controllers.DiffComputer import DiffComputer
 from snapshotServer.models import Snapshot, TestStep, ExcludeZone
-from snapshotServer.tests.views.Test_Views import TestViews
+from snapshotServer.tests.views.test_views import TestViews
 from django.test.client import Client
 from django.contrib.auth.models import User
 

snapshotServer/tests/views/test_RecomputeDiffView.py → snapshotServer/tests/views/test_recompute_diff_view.py

@@ -5,7 +5,7 @@
 '''
 
 from django.urls.base import reverse
-from snapshotServer.tests.views.Test_Views import TestViews
+from snapshotServer.tests.views.test_views import TestViews
 
 
 class Test_RecomputeDiffView(TestViews):

snapshotServer/tests/views/test_ResultTableView.py → snapshotServer/tests/views/test_result_table_view.py

@@ -7,7 +7,7 @@
 from django.urls.base import reverse
 
 from snapshotServer.models import TestEnvironment, TestCase
-from snapshotServer.tests.views.Test_Views import TestViews
+from snapshotServer.tests.views.test_views import TestViews
 
 
 class TestResultTableView(TestViews):

snapshotServer/tests/views/test_SessionListView.py → snapshotServer/tests/views/test_session_list_view.py

@@ -7,7 +7,7 @@
 from django.urls.base import reverse
 
 from snapshotServer.models import TestEnvironment
-from snapshotServer.tests.views.Test_Views import TestViews
+from snapshotServer.tests.views.test_views import TestViews
 
 
 class Test_SessionListView(TestViews):