BE testing

services/core-api/tests/auth/test_expected_auth.py

@@ -3,7 +3,7 @@
 from app.api.utils.access_decorators import VIEW_ALL, MINE_EDIT, MINE_ADMIN, MINESPACE_PROPONENT, EDIT_PARTY, \
  EDIT_PERMIT, EDIT_STANDARD_PERMIT_CONDITIONS, EDIT_DO, EDIT_VARIANCE, EDIT_REPORT, EDIT_SUBMISSIONS, EDIT_SECURITIES, \
  GIS, EDIT_PROJECT_SUMMARIES, EDIT_INCIDENTS, EDIT_TSF, EDIT_INFORMATION_REQUIREMENTS_TABLE, EDIT_REQUIREMENTS, \
- EDIT_MAJOR_MINE_APPLICATIONS, EDIT_PROJECT_DECISION_PACKAGES, EDIT_CODE
+ EDIT_MAJOR_MINE_APPLICATIONS, EDIT_PROJECT_DECISION_PACKAGES, EDIT_CODE, EDIT_HELPDESK
 
 from app.api.mines.documents.resources.mine_document_bundle import MineDocumentBundleResource
 from app.api.download_token.resources.download_token import DownloadTokenResource
@@ -60,7 +60,7 @@
 from app.api.projects.project_decision_package.resources.project_decision_package import ProjectDecisionPackageResource, ProjectDecisionPackageListResource
 from app.api.now_applications.resources.now_application_document_resource import NOWApplicationDocumentIdentityResource
 from app.api.mines.alerts.resources.mine_alert import GlobalMineAlertListResource
-
+from app.api.help.resources.help_resource import HelpResource, HelpListResource
 
 @pytest.mark.parametrize(
     "resource,method,expected_roles",
@@ -167,7 +167,14 @@
      (ProjectDecisionPackageResource, 'put', [MINE_ADMIN, EDIT_PROJECT_DECISION_PACKAGES]),
      (ProjectDecisionPackageListResource, 'post', [MINE_ADMIN, EDIT_PROJECT_DECISION_PACKAGES]),
      (MineDocumentBundleResource, 'get', [VIEW_ALL, MINESPACE_PROPONENT]),
-     (GlobalMineAlertListResource, 'get', [VIEW_ALL])])
+     (GlobalMineAlertListResource, 'get', [VIEW_ALL]),
+     (HelpListResource, 'get', [VIEW_ALL, MINESPACE_PROPONENT]),
+     (HelpResource, 'get', [VIEW_ALL, MINESPACE_PROPONENT]),
+     (HelpResource, 'post', [EDIT_HELPDESK]),
+     (HelpResource, 'put', [EDIT_HELPDESK]),
+     (HelpResource, 'delete', [EDIT_HELPDESK]),
+     ])
+
 def test_endpoint_auth(resource, method, expected_roles):
     endpoint = getattr(resource, method, None)
     assert endpoint != None, '{0} does not have a {1} method.'.format(resource, method.upper())

services/core-api/tests/help/test_help_resource.py

@@ -0,0 +1,105 @@
+import json
+import uuid
+from datetime import datetime, timedelta, date
+from app.api.help.resources.help_resource import SystemFlag
+
+HELP_POST_DATA = {
+    "content": "<p>help content</p>",
+    "help_key": "Test-Key",
+    "page_tab": "all_tabs",
+    "system": "MineSpace"
+}
+
+def test_get_all_help_core(test_client, db_session, auth_headers):
+    # core get all should return CORE + MS records (by default 1 of each)
+    get_resp = test_client.get(
+        '/help', headers=auth_headers['full_auth_header'])
+    get_data = json.loads(get_resp.data.decode())
+
+    assert len(get_data['records']) == 2
+
+    first_record_system = get_data['records'][0]['system']
+    second_record_system = get_data['records'][1]['system']
+    systems = [first_record_system, second_record_system]
+
+    assert str(SystemFlag.ms) in systems
+    assert str(SystemFlag.core) in systems
+
+def test_get_all_help_ms(test_client, db_session, auth_headers):
+    # proponent should only get the single default result
+    get_resp = test_client.get(
+        '/help', headers=auth_headers['proponent_only_auth_header'])
+    get_data = json.loads(get_resp.data.decode())
+
+    assert len(get_data['records']) == 1
+
+    system = get_data['records'][0]['system']
+
+    assert system == str(SystemFlag.ms)
+
+def test_post_help_core(test_client, db_session, auth_headers):
+    # post is allowed with core helpdesk auth
+
+    post_resp = test_client.post(
+        '/help/Test-Key', json=HELP_POST_DATA, headers=auth_headers['full_auth_header'])
+
+    assert post_resp.status_code == 201
+
+    post_data = json.loads(post_resp.data.decode())
+    assert all(
+        str(post_data[k]) == str(HELP_POST_DATA[k])
+        for k in HELP_POST_DATA.keys()
+    )
+def test_post_help_ms(test_client, db_session, auth_headers):
+    # post not allowed with ms auth
+
+    post_resp = test_client.post(
+        '/help/Test-Key', json=HELP_POST_DATA, headers=auth_headers['proponent_only_auth_header'])
+
+    assert post_resp.status_code == 403
+
+def test_get_put_help_core(test_client, db_session, auth_headers):
+    # get should return the matching record + system
+    get_resp = test_client.get(
+        '/help/default?system=CORE', headers=auth_headers['full_auth_header'])
+    get_data = json.loads(get_resp.data.decode())
+
+    assert len(get_data['records']) == 1
+
+    record = get_data['records'][0]
+
+    # put with modifying that data should update the data
+    record['content'] = "<p>Brand new, updated content</p>"
+    put_resp = test_client.put(
+        '/help/default', json=record, headers=auth_headers['full_auth_header'])
+    put_data = json.loads(put_resp.data.decode())
+
+    assert put_data['update_user'] == 'mds'
+
+    assert put_data['content'] == record['content']
+    assert put_data['help_guid'] == record['help_guid']
+    assert put_data['help_key'] == record['help_key']
+    assert put_data['page_tab'] == record['page_tab']
+    assert put_data['system'] == record['system']
+
+def test_get_core_on_ms(test_client, db_session, auth_headers):
+    get_resp = test_client.get(
+        '/help/default?system=CORE', headers=auth_headers['proponent_only_auth_header'])
+    assert get_resp.status_code == 400
+
+def test_get_put_help_ms(test_client, db_session, auth_headers):
+    # get should return the matching record + system
+    get_resp = test_client.get(
+        '/help/default?system=MineSpace', headers=auth_headers['proponent_only_auth_header'])
+    get_data = json.loads(get_resp.data.decode())
+
+    assert len(get_data['records']) == 1
+
+    record = get_data['records'][0]
+
+    # put with modifying that data should be denied
+    record['content'] = "<p>Brand new, updated content</p>"
+    put_resp = test_client.put(
+        '/help/default', json=record, headers=auth_headers['proponent_only_auth_header'])
+
+    assert put_resp.status_code == 403