diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1e45bc4a..97f12a24 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,10 +54,10 @@ jobs: steps: - name: Checkout Code Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.0 with: python-version: ${{ matrix.python-version }} cache: pip @@ -78,8 +78,8 @@ jobs: - name: Recompile pip files if requested if: matrix.pip-recompile run: | - pip-compile requirements/requirements.in - pip-compile requirements/test-requirements.in + pip-compile -v requirements/requirements.in + pip-compile -v requirements/test-requirements.in # Print out changes. git diff @@ -93,16 +93,17 @@ jobs: - name: Run tests run: | pytest --cov=gregor_django -n auto - mv .coverage .coverage-${{ strategy.job-index }} + mv .coverage coverage-${{ strategy.job-index }} - name: List files for debugging purposes run: ls -lhta - name: Upload coverage data - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.4.3 with: name: coverage-data-${{ strategy.job-index }} - path: .coverage-${{ strategy.job-index }} + path: coverage-${{ strategy.job-index }} + if-no-files-found: error coverage: needs: @@ -110,10 +111,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.0 with: python-version: '3.10' @@ -123,13 +124,14 @@ jobs: pip install --upgrade coverage "django<4" django-coverage-plugin - name: Download coverage data - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.1.8 with: path: ./artifacts/ - name: Merge coverage files run: | - python -m coverage combine ./artifacts/coverage-data*/.coverage-* + ls -la ./artifacts/coverage-data* + python -m coverage combine ./artifacts/coverage-data*/coverage-* python -m coverage xml ls -la .coverage* @@ -138,6 +140,6 @@ jobs: python -m coverage report - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v4.6.0 with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/combine-prs.yml b/.github/workflows/combine-prs.yml index cf9c0d74..82d39e94 100644 --- a/.github/workflows/combine-prs.yml +++ b/.github/workflows/combine-prs.yml @@ -16,7 +16,7 @@ jobs: steps: - name: combine-prs id: combine-prs - uses: github/combine-prs@v5.1.0 + uses: github/combine-prs@v5.2.0 with: labels: combined-pr # Optional: add a label to the combined PR ci_required: true # require all checks to pass before combining diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 9efde5a6..5c7d8e73 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -10,10 +10,10 @@ jobs: name: gitleaks runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: fetch-depth: 0 - - uses: gitleaks/gitleaks-action@v2 + - uses: gitleaks/gitleaks-action@v2.3.7 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts. diff --git a/.github/workflows/pip-compile.yml b/.github/workflows/pip-compile.yml index 95d11720..56e355b5 100644 --- a/.github/workflows/pip-compile.yml +++ b/.github/workflows/pip-compile.yml @@ -13,17 +13,17 @@ jobs: steps: - name: Checkout Code Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.head_ref }} - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v5.3.0 with: python-version: "3.10" - name: Update requirements files - uses: UW-GAC/pip-tools-actions/update-requirements-files@v0.1 + uses: UW-GAC/pip-tools-actions/update-requirements-files@v0.2 with: requirements_files: |- requirements/requirements.in diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 06d31928..34714409 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,10 +1,10 @@ exclude: 'docs|node_modules|migrations|.git|.tox' -default_stages: [commit] +default_stages: [pre-commit] fail_fast: true repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 + rev: v5.0.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -12,7 +12,7 @@ repos: - repo: https://github.com/astral-sh/ruff-pre-commit # Ruff version. - rev: v0.6.2 + rev: v0.7.0 hooks: # Run the linter. - id: ruff @@ -21,7 +21,7 @@ repos: - id: ruff-format - repo: https://github.com/gitleaks/gitleaks - rev: v8.18.4 + rev: v8.21.1 hooks: - id: gitleaks diff --git a/add_upload_workspace_audit_test_data.py b/add_upload_cycle_audit_test_data.py similarity index 85% rename from add_upload_workspace_audit_test_data.py rename to add_upload_cycle_audit_test_data.py index 704c19de..ded2a130 100644 --- a/add_upload_workspace_audit_test_data.py +++ b/add_upload_cycle_audit_test_data.py @@ -17,6 +17,7 @@ rc_1_uploader_group = ManagedGroupFactory(name="DEMO_RC1_UPLOADERS") rc_1_nonmember_group = ManagedGroupFactory(name="DEMO_RC1_NONMEMBERS") gregor_all_group = ManagedGroupFactory(name="GREGOR_ALL") +combined_auth_domain = ManagedGroupFactory(name="AUTH_GREGOR_COMBINED") # Create an RC rc = factories.ResearchCenterFactory.create( @@ -27,8 +28,20 @@ non_member_group=rc_1_nonmember_group, ) +# Add GREGOR_ALL and DCC_ADMINS to the combined auth domain. +GroupGroupMembershipFactory.create( + parent_group=combined_auth_domain, + child_group=gregor_all_group, + role=GroupGroupMembership.MEMBER, +) +GroupGroupMembershipFactory.create( + parent_group=combined_auth_domain, + child_group=dcc_admin_group, + role=GroupGroupMembership.ADMIN, +) -# Create a future upload cycle. + +## Future upload cycle. upload_cycle = factories.UploadCycleFactory.create( cycle=1, is_future=True, @@ -39,7 +52,7 @@ workspace__name="TEST_U01_RC1", ) -# Create a current upload cycle before compute. +## Current upload cycle before compute. upload_cycle = factories.UploadCycleFactory.create( cycle=2, is_current=True, @@ -111,7 +124,7 @@ ) -# Create a current upload cycle after compute. +## Current upload cycle after compute. upload_cycle = factories.UploadCycleFactory.create( cycle=3, is_current=True, @@ -256,7 +269,7 @@ role=GroupGroupMembership.ADMIN, ) -# Create a past upload cycle after QC is completed. +## Past upload cycle after QC is completed; combined workspace is not complete. upload_cycle = factories.UploadCycleFactory.create( cycle=5, is_past=True, @@ -320,8 +333,18 @@ child_group=dcc_admin_group, role=GroupGroupMembership.ADMIN, ) +# Create the combined workspace and its records. +combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle=upload_cycle, + workspace__name="TEST_U05_COMBINED", +) +# Delete the auth domain created by the factory and add the shared auth domain. +combined_workspace.workspace.authorization_domains.clear() +combined_workspace.workspace.authorization_domains.add(combined_auth_domain) +# No sharing records yet. + -# Create a past upload cycle with a combined workspace. +## Past upload cycle with a combined workspace. upload_cycle = factories.UploadCycleFactory.create( cycle=6, is_past=True, @@ -332,11 +355,6 @@ workspace__name="TEST_U06_RC1", date_qc_completed=timezone.now(), ) -factories.CombinedConsortiumDataWorkspaceFactory.create( - upload_cycle=upload_cycle, - date_completed=timezone.now(), - workspace__name="TEST_U06_COMBINED", -) # Create records as appropriate for the previous point in the cycle - past cycle before QC complete. # Auth domain. WorkspaceGroupSharingFactory.create( @@ -383,3 +401,31 @@ child_group=dcc_admin_group, role=GroupGroupMembership.ADMIN, ) +# Create the combined workspace and its records. +combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle=upload_cycle, + date_completed=timezone.now(), + workspace__name="TEST_U06_COMBINED", +) +# Delete the auth domain created by the factory and add the shared auth domain. +combined_workspace.workspace.authorization_domains.clear() +combined_workspace.workspace.authorization_domains.add(combined_auth_domain) +# Add sharing records from previous step - DCC admins, writers, and members. +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_admin_group, + access=WorkspaceGroupSharing.OWNER, + can_compute=True, +) +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, +) +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_member_group, + access=WorkspaceGroupSharing.READER, + can_compute=False, +) diff --git a/config/settings/base.py b/config/settings/base.py index 5539f254..f33bb9ec 100644 --- a/config/settings/base.py +++ b/config/settings/base.py @@ -155,6 +155,7 @@ "maintenance_mode.middleware.MaintenanceModeMiddleware", "simple_history.middleware.HistoryRequestMiddleware", "django_htmx.middleware.HtmxMiddleware", + "allauth.account.middleware.AccountMiddleware", ] # STATIC diff --git a/gregor_apps.cron b/gregor_apps.cron index 38bf78ad..2be3d68f 100644 --- a/gregor_apps.cron +++ b/gregor_apps.cron @@ -10,3 +10,9 @@ MAILTO="gregorweb@uw.edu" # Nightly user data audit 0 3 * * * . /var/www/django/gregor_apps/gregor-apps-activate.sh; python manage.py sync-drupal-data --update --email gregorweb@uw.edu >> cron.log + +# Nightly upload workspace audit +0 3 * * * . /var/www/django/gregor_apps/gregor-apps-activate.sh; python manage.py run_upload_workspace_audit --email gregorweb@uw.edu >> cron.log + +# Nightly combined workspace audit +0 3 * * * . /var/www/django/gregor_apps/gregor-apps-activate.sh; python manage.py run_combined_workspace_audit --email gregorweb@uw.edu >> cron.log diff --git a/gregor_django/drupal_oauth_provider/provider.py b/gregor_django/drupal_oauth_provider/provider.py index ef2d9c93..c7c36f60 100644 --- a/gregor_django/drupal_oauth_provider/provider.py +++ b/gregor_django/drupal_oauth_provider/provider.py @@ -2,11 +2,14 @@ from allauth.account.models import EmailAddress from allauth.socialaccount import app_settings, providers +from allauth.socialaccount.adapter import get_adapter from allauth.socialaccount.providers.base import ProviderAccount from allauth.socialaccount.providers.oauth2.provider import OAuth2Provider from django.conf import settings from django.core.exceptions import ImproperlyConfigured +from .views import CustomAdapter + logger = logging.getLogger(__name__) DRUPAL_PROVIDER_ID = "drupal_oauth_provider" @@ -27,6 +30,13 @@ class CustomProvider(OAuth2Provider): id = DRUPAL_PROVIDER_ID name = OVERRIDE_NAME account_class = CustomAccount + oauth2_adapter_class = CustomAdapter + supports_token_authentication = True + + def __init__(self, request, app=None): + if app is None: + app = get_adapter().get_app(request, self.id) + super().__init__(request, app=app) def extract_uid(self, data): return str(data["sub"]) diff --git a/gregor_django/drupal_oauth_provider/tests.py b/gregor_django/drupal_oauth_provider/tests.py index 7fc52d06..ca2b598d 100644 --- a/gregor_django/drupal_oauth_provider/tests.py +++ b/gregor_django/drupal_oauth_provider/tests.py @@ -1,11 +1,19 @@ +import base64 import datetime +import hashlib import json +from urllib.parse import parse_qs, urlparse import jwt +import requests +from allauth.socialaccount import app_settings from allauth.socialaccount.adapter import get_adapter +from allauth.socialaccount.models import SocialApp from allauth.socialaccount.tests import OAuth2TestsMixin from allauth.tests import MockedResponse, TestCase from django.conf import settings +from django.contrib.auth import get_user_model +from django.contrib.sites.models import Site from django.core.exceptions import ImproperlyConfigured from django.test import RequestFactory from django.test.utils import override_settings @@ -83,10 +91,19 @@ def sign_id_token(payload): # disable token storing for testing as it conflicts with drupals use # of tokens for user info -@override_settings(SOCIALACCOUNT_STORE_TOKENS=False) +@override_settings(SOCIALACCOUNT_STORE_TOKENS=True) class CustomProviderTests(OAuth2TestsMixin, TestCase): provider_id = CustomProvider.id + def setUp(self): + super(CustomProviderTests, self).setUp() + # workaround to create a session. see: + # https://code.djangoproject.com/ticket/11475 + User = get_user_model() + User.objects.create_user("testuser", "testuser@testuser.com", "testpw") + self.client.login(username="testuser", password="testpw") + self.setup_time = datetime.datetime.now(datetime.timezone.utc) + # Provide two mocked responses, first is to the public key request # second is used for the profile request for extra data def get_mocked_response(self): @@ -104,21 +121,83 @@ def get_mocked_response(self): ), ] - # This login response mimics drupals in that it contains a set of scopes - # and the uid which has the name sub - def get_login_response_json(self, with_refresh_token=True): - now = datetime.datetime.now(datetime.timezone.utc) + def login(self, resp_mock=None, process="login", with_refresh_token=True): + """ + Unfortunately due to how our provider works we need to alter + this test login function as the default one fails. + """ + with self.mocked_response(): + resp = self.client.post(self.provider.get_login_url(self.request, process=process)) + p = urlparse(resp["location"]) + q = parse_qs(p.query) + pkce_enabled = app_settings.PROVIDERS.get(self.app.provider, {}).get( + "OAUTH_PKCE_ENABLED", self.provider.pkce_enabled_default + ) + + self.assertEqual("code_challenge" in q, pkce_enabled) + self.assertEqual("code_challenge_method" in q, pkce_enabled) + if pkce_enabled: + code_challenge = q["code_challenge"][0] + self.assertEqual(q["code_challenge_method"][0], "S256") + + complete_url = self.provider.get_callback_url() + self.assertGreater(q["redirect_uri"][0].find(complete_url), 0) + response_json = self.get_login_response_json(with_refresh_token=with_refresh_token) + + resp_mocks = resp_mock if isinstance(resp_mock, list) else ([resp_mock] if resp_mock is not None else []) + + with self.mocked_response( + MockedResponse(200, response_json, {"content-type": "application/json"}), + *resp_mocks, + ): + resp = self.client.get(complete_url, self.get_complete_parameters(q)) + + # Find the access token POST request, and assert that it contains + # the correct code_verifier if and only if PKCE is enabled + request_calls = requests.Session.request.call_args_list + + for args, kwargs in request_calls: + data = kwargs.get("data", {}) + if ( + args + and args[0] == "POST" + and isinstance(data, dict) + and data.get("redirect_uri", "").endswith(complete_url) + ): + self.assertEqual("code_verifier" in data, pkce_enabled) + + if pkce_enabled: + hashed_code_verifier = hashlib.sha256(data["code_verifier"].encode("ascii")) + expected_code_challenge = ( + base64.urlsafe_b64encode(hashed_code_verifier.digest()).rstrip(b"=").decode() + ) + self.assertEqual(code_challenge, expected_code_challenge) + + return resp + + def get_id_token(self): app = get_adapter().get_app(request=None, provider=self.provider_id) allowed_audience = app.client_id - id_token = sign_id_token( + return sign_id_token( { - "exp": now + datetime.timedelta(hours=1), - "iat": now, + "exp": self.setup_time + datetime.timedelta(hours=1), + "iat": self.setup_time, "aud": allowed_audience, "scope": ["authenticated", "oauth_client_user"], "sub": 20122, } ) + + def get_access_token(self) -> str: + return self.get_id_token() + + def get_expected_to_str(self): + return "test@testmaster.net" + + # This login response mimics drupals in that it contains a set of scopes + # and the uid which has the name sub + def get_login_response_json(self, with_refresh_token=True): + id_token = self.get_id_token() response_data = { "access_token": id_token, "expires_in": 3600, @@ -131,6 +210,26 @@ def get_login_response_json(self, with_refresh_token=True): class TestProviderConfig(TestCase): + def setUp(self): + # workaround to create a session. see: + # https://code.djangoproject.com/ticket/11475 + current_site = Site.objects.get_current() + app = SocialApp.objects.create( + provider=CustomProvider.id, + name=CustomProvider.id, + client_id="app123id", + key=CustomProvider.id, + secret="dummy", + ) + self.app = app + self.app.sites.add(current_site) + + def test_custom_provider_no_app(self): + rf = RequestFactory() + request = rf.get("/fake-url/") + provider = CustomProvider(request) + assert provider.app is not None + def test_custom_provider_scope_config(self): custom_provider_settings = settings.SOCIALACCOUNT_PROVIDERS rf = RequestFactory() @@ -138,7 +237,7 @@ def test_custom_provider_scope_config(self): custom_provider_settings["drupal_oauth_provider"]["SCOPES"] = None with override_settings(SOCIALACCOUNT_PROVIDERS=custom_provider_settings): with self.assertRaises(ImproperlyConfigured): - CustomProvider(request).get_provider_scope_config() + CustomProvider(request, app=self.app).get_provider_scope_config() def test_custom_provider_scope_detail_config(self): custom_provider_settings = settings.SOCIALACCOUNT_PROVIDERS @@ -153,7 +252,7 @@ def test_custom_provider_scope_detail_config(self): ] with override_settings(SOCIALACCOUNT_PROVIDERS=custom_provider_settings): with self.assertRaises(ImproperlyConfigured): - CustomProvider(request).get_provider_managed_scope_status() + CustomProvider(request, app=self.app).get_provider_managed_scope_status() def test_custom_provider_has_scope(self): custom_provider_settings = settings.SOCIALACCOUNT_PROVIDERS @@ -167,4 +266,4 @@ def test_custom_provider_has_scope(self): } ] with override_settings(SOCIALACCOUNT_PROVIDERS=custom_provider_settings): - CustomProvider(request).get_provider_managed_scope_status(scopes_granted=["X"]) + CustomProvider(request, app=self.app).get_provider_managed_scope_status(scopes_granted=["X"]) diff --git a/gregor_django/drupal_oauth_provider/views.py b/gregor_django/drupal_oauth_provider/views.py index 317021a8..80274a40 100644 --- a/gregor_django/drupal_oauth_provider/views.py +++ b/gregor_django/drupal_oauth_provider/views.py @@ -12,13 +12,11 @@ OAuth2LoginView, ) -from .provider import CustomProvider - logger = logging.getLogger(__name__) class CustomAdapter(OAuth2Adapter): - provider_id = CustomProvider.id + provider_id = "drupal_oauth_provider" provider_settings = app_settings.PROVIDERS.get(provider_id, {}) diff --git a/gregor_django/gregor_anvil/audit/combined_workspace_audit.py b/gregor_django/gregor_anvil/audit/combined_workspace_audit.py new file mode 100644 index 00000000..05a8e7fc --- /dev/null +++ b/gregor_django/gregor_anvil/audit/combined_workspace_audit.py @@ -0,0 +1,376 @@ +import django_tables2 as tables +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, WorkspaceGroupSharing +from django.conf import settings +from django.db.models import Q, QuerySet + +from ..models import CombinedConsortiumDataWorkspace +from ..tables import BooleanIconColumn +from . import workspace_auth_domain_audit_results, workspace_sharing_audit_results +from .base import GREGoRAudit + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditTable(tables.Table): + """A table to display the audit results of the sharing of a combined consortium data workspace.""" + + workspace = tables.Column(verbose_name="Workspace") + managed_group = tables.Column(verbose_name="Group") + role = tables.Column(verbose_name="Current role") + note = tables.Column() + action = tables.TemplateColumn( + # Temporarily use this button template, until we have the resolve view working for this workspace type. + template_name="gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class CombinedConsortiumDataWorkspaceAuthDomainAudit(GREGoRAudit): + results_table_class = CombinedConsortiumDataWorkspaceAuthDomainAuditTable + + DCC_ADMIN_AS_ADMIN = "The DCC admins group should always be an admin." + GREGOR_ALL_AS_MEMBER = "The GREGOR_ALL group should always be a member." + OTHER_GROUP = "This group should not have access to this workspace." + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = CombinedConsortiumDataWorkspace.objects.all() + elif not (isinstance(queryset, QuerySet) and queryset.model == CombinedConsortiumDataWorkspace): + raise ValueError("queryset must be a QuerySet of CombinedConsortiumDataWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_combined_workspace(workspace) + + def _get_current_membership(self, combined_workspace, managed_group): + try: + current_membership = GroupGroupMembership.objects.get( + parent_group=combined_workspace.workspace.authorization_domains.first(), child_group=managed_group + ) + except GroupGroupMembership.DoesNotExist: + current_membership = None + return current_membership + + def audit_combined_workspace(self, combined_workspace): + """Audit the auth domain membership of a single CombinedWorkspace.""" + group_names = [ + "GREGOR_ALL", + settings.ANVIL_DCC_ADMINS_GROUP_NAME, + ] + groups_to_audit = ManagedGroup.objects.filter( + # Specific groups to include. + Q(name__in=group_names) + | + # Any other groups that are members. + Q(parent_memberships__parent_group=combined_workspace.workspace.authorization_domains.first()) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(combined_workspace, group) + + def audit_workspace_and_group(self, combined_workspace, managed_group): + if managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_ALL": + self._audit_workspace_and_gregor_all_group(combined_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_workspace_and_anvil_group(combined_workspace, managed_group) + else: + self._audit_workspace_and_other_group(combined_workspace, managed_group) + + def _audit_workspace_and_dcc_admin_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the DCC admins group. + + Expectations: + - Admin at all times. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.DCC_ADMIN_AS_ADMIN, + } + + if current_membership and current_membership.role == GroupGroupMembership.ADMIN: + self.verified.append(workspace_auth_domain_audit_results.VerifiedAdmin(**audit_result_args)) + elif current_membership and current_membership.role == GroupGroupMembership.MEMBER: + self.needs_action.append(workspace_auth_domain_audit_results.ChangeToAdmin(**audit_result_args)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddAdmin(**audit_result_args)) + + def _audit_workspace_and_gregor_all_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the GREGOR_ALL group. + + Expectations: + - Member at all times. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.GREGOR_ALL_AS_MEMBER, + } + + if not current_membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**audit_result_args)) + elif current_membership and current_membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**audit_result_args)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**audit_result_args)) + + def _audit_workspace_and_anvil_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the AnVIL admins/devs groups. + + We do not want to make any assumptions about the access of these groups.""" + pass + + def _audit_workspace_and_other_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and any other group. + + Expectations: + - Not a member at any time. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.OTHER_GROUP, + } + + if current_membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**audit_result_args)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**audit_result_args)) + + +class CombinedConsortiumDataWorkspaceSharingAuditTable(tables.Table): + """A table to display the audit results of the sharing of a combined consortium data workspace.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + access = tables.Column(verbose_name="Current access") + can_compute = BooleanIconColumn(show_false_icon=True, null=True, true_color="black", false_color="black") + note = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class CombinedConsortiumDataWorkspaceSharingAudit(GREGoRAudit): + """A class to audit the sharing of a combined consortium data workspace.""" + + DCC_ADMIN_AS_OWNER = "DCC Admins should always be a workspace owner." + DCC_WRITERS_BEFORE_COMPLETE = "DCC writers should have write and compute access before the workspace is completed." + DCC_WRITERS_AFTER_COMPLETE = "DCC writers should not have direct access after the workspace is completed." + DCC_MEMBERS_BEFORE_COMPLETE = "DCC members should have read access before the workspace is completed." + DCC_MEMBERS_AFTER_COMPLETE = "DCC members should not have direct access after the workspace is completed." + AUTH_DOMAIN_BEFORE_COMPLETE = "The auth domain should not have access before the workspace is completed." + AUTH_DOMAIN_AFTER_COMPLETE = "The auth domain should have read access after the workspace is completed." + GREGOR_ALL_BEFORE = "This group should not have access to this workspace before it is completed." + GREGOR_ALL_AFTER = "This group should have read access to this workspace after it is completed." + OTHER_GROUP = "This group should not have access to this workspace." + + results_table_class = CombinedConsortiumDataWorkspaceSharingAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = CombinedConsortiumDataWorkspace.objects.all() + elif not (isinstance(queryset, QuerySet) and queryset.model == CombinedConsortiumDataWorkspace): + raise ValueError("queryset must be a QuerySet of CombinedConsortiumDataWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_combined_workspace(workspace) + + def _get_current_sharing(self, upload_workspace, managed_group): + try: + current_sharing = WorkspaceGroupSharing.objects.get( + workspace=upload_workspace.workspace, group=managed_group + ) + except WorkspaceGroupSharing.DoesNotExist: + current_sharing = None + return current_sharing + + def audit_combined_workspace(self, combined_workspace): + """Audit sharing for a specific combined workspace.""" + # raise NotImplementedError("write this.") + # Get a list of managed groups that should be included in this audit. + group_names_to_include = [ + "GREGOR_DCC_MEMBERS", # DCC members + "GREGOR_DCC_WRITERS", # DCC writers + settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins + "anvil-admins", # AnVIL admins + "anvil_devs", # AnVIL devs + ] + groups_to_audit = ManagedGroup.objects.filter( + # Specific groups from above. + Q(name__in=group_names_to_include) + | + # Auth domain. + Q(workspaceauthorizationdomain__workspace=combined_workspace.workspace) + | + # Groups that the workspace is shared with. + Q(workspacegroupsharing__workspace=combined_workspace.workspace) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(combined_workspace, group) + + def audit_workspace_and_group(self, combined_workspace, managed_group): + """Audit sharing for a specific workspace and group.""" + if managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_combined_workspace_and_dcc_writer_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_MEMBERS": + self._audit_combined_workspace_and_dcc_member_group(combined_workspace, managed_group) + elif managed_group in combined_workspace.workspace.authorization_domains.all(): + self._audit_combined_workspace_and_auth_domain(combined_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_combined_workspace_and_anvil_group(combined_workspace, managed_group) + else: + self._audit_combined_workspace_and_other_group(combined_workspace, managed_group) + + def _audit_workspace_and_dcc_admin_group(self, combined_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC admin group. + + Sharing expectations: + - Owner access at all times. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + "note": self.DCC_ADMIN_AS_OWNER, + } + + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(**audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.ShareAsOwner(**audit_result_args)) + + def _audit_combined_workspace_and_dcc_writer_group(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and the DCC Writers group. + + Sharing expectations: + - Write+compute access before the workspace is completed. + - No access after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.DCC_WRITERS_BEFORE_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args) + ) + else: + note = self.DCC_WRITERS_AFTER_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_dcc_member_group(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and the DCC members group. + + Sharing expectations: + - Read access before the workspace is completed. + - No access after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.DCC_MEMBERS_BEFORE_COMPLETE + if not current_sharing: + self.needs_action.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + else: + note = self.DCC_MEMBERS_AFTER_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_auth_domain(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and its auth domain. + + Sharing expectations: + - Not shared before the workspace is completed. + - Read after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.AUTH_DOMAIN_BEFORE_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + note = self.AUTH_DOMAIN_AFTER_COMPLETE + if not current_sharing: + self.needs_action.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_anvil_group(self, combined_workspace, managed_group): + pass + + def _audit_combined_workspace_and_other_group(self, combined_workspace, managed_group): + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + "note": self.OTHER_GROUP, + } + + if current_sharing: + self.errors.append(workspace_sharing_audit_results.StopSharing(**audit_result_args)) + else: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(**audit_result_args)) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_audit.py new file mode 100644 index 00000000..bde9201d --- /dev/null +++ b/gregor_django/gregor_anvil/audit/upload_workspace_audit.py @@ -0,0 +1,782 @@ +import django_tables2 as tables +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, WorkspaceGroupSharing +from django.conf import settings +from django.db.models import Q, QuerySet + +from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace +from ..tables import BooleanIconColumn +from . import workspace_auth_domain_audit_results, workspace_sharing_audit_results +from .base import GREGoRAudit + + +class UploadWorkspaceAuthDomainAuditTable(tables.Table): + """A table to show results from a UploadWorkspaceAuthDomainAudit subclass.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + # is_shared = tables.Column() + role = tables.Column(verbose_name="Current role") + note = tables.Column() + # action = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class UploadWorkspaceAuthDomainAudit(GREGoRAudit): + """A class to hold audit results for the GREGoR UploadWorkspace auth domain audit.""" + + # RC notes. + RC_FUTURE_CYCLE = "RC groups should not be in the auth domain until the upload cycle starts." + RC_UPLOADERS_BEFORE_QC = "RC uploader group should be a member of the auth domain before QC is complete." + RC_UPLOADERS_AFTER_QC = "RC uploader group should not be a member of the auth domain after QC is complete." + RC_MEMBERS_BEFORE_COMBINED = ( + "RC member group should be a member of the auth domain before the combined workspace is complete." + ) + RC_MEMBERS_AFTER_COMBINED = ( + "RC member group should not be a member of the auth domain after the combined workspace is complete." + ) + RC_NON_MEMBERS_AFTER_START = ( + "RC non-member group should be a member of the auth domain for current and past upload cycles." + ) + + # DCC notes. + DCC_ADMINS = "DCC admin group should always be an admin of the auth domain." + DCC_BEFORE_COMBINED = "DCC groups should be a member of the auth domain before the combined workspace is complete." + DCC_AFTER_COMBINED = ( + "DCC groups should not be direct members of the auth domain after the combined workspace is complete." + ) + + # GREGOR_ALL notes. + GREGOR_ALL_BEFORE_COMBINED = "GREGOR_ALL should not have access before the combined workspace is complete." + GREGOR_ALL_AFTER_COMBINED = ( + "GREGOR_ALL should be a member of the auth domain after the combined workspace is complete." + ) + + # Other group notes. + OTHER_GROUP = "This group should not have access to the auth domain." + UNEXPECTED_ADMIN = "Only the DCC admins group should be an admin of the auth domain." + + results_table_class = UploadWorkspaceAuthDomainAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = UploadWorkspace.objects.all() + if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): + raise ValueError("queryset must be a queryset of UploadWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_upload_workspace(workspace) + + def _get_current_membership(self, upload_workspace, managed_group): + try: + current_membership = GroupGroupMembership.objects.get( + parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=managed_group + ) + except GroupGroupMembership.DoesNotExist: + current_membership = None + return current_membership + + def _get_combined_workspace(self, upload_cycle): + """Returns the combined workspace, but only if it is ready for sharing.""" + try: + combined_workspace = CombinedConsortiumDataWorkspace.objects.get( + upload_cycle=upload_cycle, date_completed__isnull=False + ) + except CombinedConsortiumDataWorkspace.DoesNotExist: + combined_workspace = None + return combined_workspace + + def audit_upload_workspace(self, upload_workspace): + """Audit the auth domain membership of a single UploadWorkspace.""" + research_center = upload_workspace.research_center + group_names = [ + "GREGOR_ALL", + "GREGOR_DCC_MEMBERS", + "GREGOR_DCC_WRITERS", + settings.ANVIL_DCC_ADMINS_GROUP_NAME, + ] + groups_to_audit = ManagedGroup.objects.filter( + # RC uploader group. + Q(research_center_of_uploaders=research_center) + | + # RC member group. + Q(research_center_of_members=research_center) + | + # RC non-member group. + Q(research_center_of_non_members=research_center) + | + # Other sepcific groups to include. + Q(name__in=group_names) + | + # Any other groups that are members. + Q(parent_memberships__parent_group=upload_workspace.workspace.authorization_domains.first()) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(upload_workspace, group) + + def audit_workspace_and_group(self, upload_workspace, managed_group): + if managed_group == upload_workspace.research_center.uploader_group: + self._audit_workspace_and_group_for_rc_uploaders(upload_workspace, managed_group) + elif managed_group == upload_workspace.research_center.member_group: + self._audit_workspace_and_group_for_rc_members(upload_workspace, managed_group) + elif managed_group == upload_workspace.research_center.non_member_group: + self._audit_workspace_and_group_for_rc_non_members(upload_workspace, managed_group) + elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_group_for_dcc_admin(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_MEMBERS": + self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_ALL": + self._audit_workspace_and_group_for_gregor_all(upload_workspace, managed_group) + elif managed_group.name == "anvil-admins": + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + elif managed_group.name == "anvil_devs": + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + else: + self._audit_workspace_and_other_group(upload_workspace, managed_group) + + def _audit_workspace_and_group_for_rc_uploaders(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + # Otherwise, proceed with other checks. + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + elif upload_workspace.upload_cycle.is_current: + note = self.RC_UPLOADERS_BEFORE_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + elif upload_workspace.upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.RC_UPLOADERS_BEFORE_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + else: + note = self.RC_UPLOADERS_AFTER_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_rc_members(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + elif not combined_workspace: + note = self.RC_MEMBERS_BEFORE_COMBINED + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + else: + note = self.RC_MEMBERS_AFTER_COMBINED + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_rc_non_members(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + else: + note = self.RC_NON_MEMBERS_AFTER_START + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_dcc_admin(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + if not membership: + self.needs_action.append( + workspace_auth_domain_audit_results.AddAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + elif membership.role == GroupGroupMembership.ADMIN: + self.verified.append( + workspace_auth_domain_audit_results.VerifiedAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + else: + self.needs_action.append( + workspace_auth_domain_audit_results.ChangeToAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + + def _audit_workspace_and_group_for_dcc(self, upload_workspace, managed_group): + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + membership = self._get_current_membership(upload_workspace, managed_group) + if combined_workspace: + note = self.DCC_AFTER_COMBINED + else: + note = self.DCC_BEFORE_COMBINED + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": note, + } + + if not combined_workspace and not membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**result_kwargs)) + elif not combined_workspace and membership: + if membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**result_kwargs)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**result_kwargs)) + elif combined_workspace and not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif combined_workspace and membership: + if membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + + def _audit_workspace_and_group_for_gregor_all(self, upload_workspace, managed_group): + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + membership = self._get_current_membership(upload_workspace, managed_group) + if combined_workspace: + note = self.GREGOR_ALL_AFTER_COMBINED + else: + note = self.GREGOR_ALL_BEFORE_COMBINED + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": note, + } + + if not combined_workspace and not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif not combined_workspace and membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + elif combined_workspace and not membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**result_kwargs)) + elif combined_workspace and membership: + if membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**result_kwargs)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**result_kwargs)) + + def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): + """Ignore the AnVIL groups in this audit. + + We don't want to make assumptions about what access level AnVIL has.""" + pass + + def _audit_workspace_and_other_group(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": self.OTHER_GROUP, + } + + if not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + + +class UploadWorkspaceSharingAuditTable(tables.Table): + """A table to show results from a UploadWorkspaceSharingAudit subclass.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + access = tables.Column(verbose_name="Current access") + can_compute = BooleanIconColumn(show_false_icon=True, null=True, true_color="black", false_color="black") + note = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/upload_workspace_sharing_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class UploadWorkspaceSharingAudit(GREGoRAudit): + """A class to hold audit results for the GREGoR UploadWorkspace audit.""" + + # RC uploader statues. + RC_UPLOADERS_FUTURE_CYCLE = "Uploaders should not have access to future cycles." + RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE = ( + "Uploaders should have write access before compute is enabled for this upload cycle." + ) + RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE = "Uploaders should have write access with compute for this upload cycle." + RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE = "Uploaders should not have direct access before QC is complete." + RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE = "Uploader group should not have direct access after QC is complete." + RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( + "Uploader group should not have direct access when the combined workspace is ready to share or shared." + ) + + # DCC writer group status. + DCC_WRITERS_FUTURE_CYCLE = "DCC writers should have write and compute access for future cycles." + DCC_WRITERS_CURRENT_CYCLE = "DCC writers should have write and compute access for the current upload cycle." + DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE = ( + "DCC writers should have write and compute access before QC is complete." + ) + DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE = "DCC writers should not have direct access after QC is complete." + DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( + "DCC writers should not have direct access when the combined workspace is ready to share or shared." + ) + + # DCC admin group status. + DCC_ADMIN_AS_OWNER = "The DCC admin group should always be an owner." + + # Auth domain status. + AUTH_DOMAIN_AS_READER = "The auth domain should always be a reader." + + # Other group. + OTHER_GROUP_NO_ACCESS = "Other groups should not have direct access." + + results_table_class = UploadWorkspaceSharingAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = UploadWorkspace.objects.all() + if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): + raise ValueError("queryset must be a queryset of UploadWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_upload_workspace(workspace) + + def _get_current_sharing(self, upload_workspace, managed_group): + try: + current_sharing = WorkspaceGroupSharing.objects.get( + workspace=upload_workspace.workspace, group=managed_group + ) + except WorkspaceGroupSharing.DoesNotExist: + current_sharing = None + return current_sharing + + def _get_combined_workspace(self, upload_cycle): + """Returns the combined workspace, but only if it is ready for sharing.""" + try: + combined_workspace = CombinedConsortiumDataWorkspace.objects.get( + upload_cycle=upload_cycle, date_completed__isnull=False + ) + except CombinedConsortiumDataWorkspace.DoesNotExist: + combined_workspace = None + return combined_workspace + + def audit_upload_workspace(self, upload_workspace): + """Audit access for a specific UploadWorkspace.""" + # Get a list of managed groups that should be included in this audit. + # This includes the members group for the RC, the DCC groups, GREGOR_ALL, and the auth domain. + research_center = upload_workspace.research_center + group_names_to_include = [ + "GREGOR_DCC_WRITERS", # DCC writers + settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins + "anvil-admins", # AnVIL admins + "anvil_devs", # AnVIL devs + ] + groups_to_audit = ManagedGroup.objects.filter( + # RC uploader group. + Q(research_center_of_uploaders=research_center) + | + # Specific groups from above. + Q(name__in=group_names_to_include) + | + # Auth domain. + Q(workspaceauthorizationdomain__workspace=upload_workspace.workspace) + | + # Groups that the workspace is shared with. + Q(workspacegroupsharing__workspace=upload_workspace.workspace) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(upload_workspace, group) + + def audit_workspace_and_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and ManagedGroup.""" + # Check the group type, and then call the appropriate audit method. + if upload_workspace.research_center.uploader_group == managed_group: + self._audit_workspace_and_rc_uploader_group(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_workspace_and_dcc_writer_group(upload_workspace, managed_group) + elif managed_group in upload_workspace.workspace.authorization_domains.all(): + self._audit_workspace_and_auth_domain(upload_workspace, managed_group) + elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(upload_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + else: + self._audit_workspace_and_other_group(upload_workspace, managed_group) + + def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): + """Ignore the AnVIL groups in this audit. + + We don't want to make assumptions about what access level AnVIL has.""" + pass + + def _audit_workspace_and_rc_uploader_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and RC uploader group. + + Sharing expectations: + - No access to future upload cycle. + - Write access before compute is enabled for current upload cycle. + - Write+compute access after compute is enabled for current upload cycle. + - Read access to past upload cycle workspaces before QC is completed. + - No access to past upload cycle workspaces after QC is completed (read access via auth domain). + """ + upload_cycle = upload_workspace.upload_cycle + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_cycle) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if upload_cycle.is_future: + note = self.RC_UPLOADERS_FUTURE_CYCLE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_current and not upload_cycle.date_ready_for_compute: + note = self.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareAsWriter(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and not current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.ShareAsWriter(note=note, **audit_result_args)) + elif upload_cycle.is_current and upload_cycle.date_ready_for_compute: + note = self.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args) + ) + elif upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: + note = self.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_past and combined_workspace: + note = self.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + raise ValueError("No case matched for RC uploader group.") + + def _audit_workspace_and_dcc_writer_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC writer group. + + Sharing expectations: + - Write+compute access to future and current upload cycles. + - Write+compute access to past upload cycles before QC is complete. + - No direct access to past upload cycle workspaces after QC is completed (read access via auth domain). + """ + upload_cycle = upload_workspace.upload_cycle + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_cycle) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if upload_cycle.is_future: + note = self.DCC_WRITERS_FUTURE_CYCLE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_current: + note = self.DCC_WRITERS_CURRENT_CYCLE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: + note = self.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.StopSharing( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and combined_workspace: + note = self.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.StopSharing( + note=note, + **audit_result_args, + ) + ) + + else: + raise ValueError("No case matched for DCC writer group.") + + def _audit_workspace_and_auth_domain(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and its auth domain. + + Sharing expectations: + - Read access at all times. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + note = self.AUTH_DOMAIN_AS_READER + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareAsReader( + note=note, + **audit_result_args, + ) + ) + + def _audit_workspace_and_dcc_admin_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC admin group. + + Sharing expectations: + - Owner access at all times. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + note = self.DCC_ADMIN_AS_OWNER + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareAsOwner( + note=note, + **audit_result_args, + ) + ) + + def _audit_workspace_and_other_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and other groups. + + Sharing expectations: + - No access. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=self.OTHER_GROUP_NO_ACCESS, + **audit_result_args, + ) + ) + else: + self.errors.append( + workspace_sharing_audit_results.StopSharing( + note=self.OTHER_GROUP_NO_ACCESS, + **audit_result_args, + ) + ) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py deleted file mode 100644 index ebb98e34..00000000 --- a/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py +++ /dev/null @@ -1,449 +0,0 @@ -from dataclasses import dataclass - -import django_tables2 as tables -from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup -from django.conf import settings -from django.db.models import Q, QuerySet - -from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace -from .base import GREGoRAudit, GREGoRAuditResult - - -@dataclass -class UploadWorkspaceAuthDomainAuditResult(GREGoRAuditResult): - """Base class to hold results for auditing upload workspace sharing.""" - - workspace: UploadWorkspace - note: str - managed_group: ManagedGroup - action: str = None - current_membership_instance: GroupGroupMembership = None - - def get_table_dictionary(self): - """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" - row = { - "workspace": self.workspace, - "managed_group": self.managed_group, - "role": self.current_membership_instance.role if self.current_membership_instance else None, - "note": self.note, - "action": self.action, - } - return row - - -@dataclass -class VerifiedMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when member membership has been verified.""" - - def __str__(self): - return f"Verified member: {self.note}" - - -@dataclass -class VerifiedAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when membership with an admin role has been verified.""" - - is_shared: bool = False - - def __str__(self): - return f"Verified admin: {self.note}" - - -@dataclass -class VerifiedNotMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when member membership has been verified.""" - - def __str__(self): - return f"Verified member: {self.note}" - - -@dataclass -class AddMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when a member role should be added.""" - - action: str = "Add member" - - def __str__(self): - return f"Add member: {self.note}" - - -@dataclass -class AddAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when an admin role should be added.""" - - action: str = "Add admin" - - def __str__(self): - return f"Add admin: {self.note}" - - -@dataclass -class ChangeToMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when an admin role should be changed to a member role.""" - - action: str = "Change to member" - - def __str__(self): - return f"Change to member: {self.note}" - - -@dataclass -class ChangeToAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when a member role should be changed to an admin role.""" - - action: str = "Change to admin" - - def __str__(self): - return f"Change to admin: {self.note}" - - -@dataclass -class Remove(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when group membership should be removed.""" - - action: str = "Remove" - - def __str__(self): - return f"Share as owner: {self.note}" - - -class UploadWorkspaceAuthDomainAuditTable(tables.Table): - """A table to show results from a UploadWorkspaceAuthDomainAudit subclass.""" - - workspace = tables.Column(linkify=True) - managed_group = tables.Column(linkify=True) - # is_shared = tables.Column() - role = tables.Column(verbose_name="Current role") - note = tables.Column() - # action = tables.Column() - action = tables.TemplateColumn( - template_name="gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html" - ) - - class Meta: - attrs = {"class": "table align-middle"} - - -class UploadWorkspaceAuthDomainAudit(GREGoRAudit): - """A class to hold audit results for the GREGoR UploadWorkspace auth domain audit.""" - - # RC notes. - RC_FUTURE_CYCLE = "RC groups should not be in the auth domain until the upload cycle starts." - RC_UPLOADERS_BEFORE_QC = "RC uploader group should be a member of the auth domain before QC is complete." - RC_UPLOADERS_AFTER_QC = "RC uploader group should not be a member of the auth domain after QC is complete." - RC_MEMBERS_BEFORE_COMBINED = ( - "RC member group should be a member of the auth domain before the combined workspace is complete." - ) - RC_MEMBERS_AFTER_COMBINED = ( - "RC member group should not be a member of the auth domain after the combined workspace is complete." - ) - RC_NON_MEMBERS_AFTER_START = ( - "RC non-member group should be a member of the auth domain for current and past upload cycles." - ) - - # DCC notes. - DCC_ADMINS = "DCC admin group should always be an admin of the auth domain." - DCC_BEFORE_COMBINED = "DCC groups should be a member of the auth domain before the combined workspace is complete." - DCC_AFTER_COMBINED = ( - "DCC groups should not be direct members of the auth domain after the combined workspace is complete." - ) - - # GREGOR_ALL notes. - GREGOR_ALL_BEFORE_COMBINED = "GREGOR_ALL should not have access before the combined workspace is complete." - GREGOR_ALL_AFTER_COMBINED = ( - "GREGOR_ALL should be a member of the auth domain after the combined workspace is complete." - ) - - # Other group notes. - OTHER_GROUP = "This group should not have access to the auth domain." - UNEXPECTED_ADMIN = "Only the DCC admins group should be an admin of the auth domain." - - results_table_class = UploadWorkspaceAuthDomainAuditTable - - def __init__(self, queryset=None): - super().__init__() - if queryset is None: - queryset = UploadWorkspace.objects.all() - if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): - raise ValueError("queryset must be a queryset of UploadWorkspace objects.") - self.queryset = queryset - - def _run_audit(self): - for workspace in self.queryset: - self.audit_upload_workspace(workspace) - - def _get_current_membership(self, upload_workspace, managed_group): - try: - current_membership = GroupGroupMembership.objects.get( - parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=managed_group - ) - except GroupGroupMembership.DoesNotExist: - current_membership = None - return current_membership - - def _get_combined_workspace(self, upload_cycle): - """Returns the combined workspace, but only if it is ready for sharing.""" - try: - combined_workspace = CombinedConsortiumDataWorkspace.objects.get( - upload_cycle=upload_cycle, date_completed__isnull=False - ) - except CombinedConsortiumDataWorkspace.DoesNotExist: - combined_workspace = None - return combined_workspace - - def audit_upload_workspace(self, upload_workspace): - """Audit the auth domain membership of a single UploadWorkspace.""" - research_center = upload_workspace.research_center - group_names = [ - "GREGOR_ALL", - "GREGOR_DCC_MEMBERS", - "GREGOR_DCC_WRITERS", - settings.ANVIL_DCC_ADMINS_GROUP_NAME, - ] - groups_to_audit = ManagedGroup.objects.filter( - # RC uploader group. - Q(research_center_of_uploaders=research_center) - | - # RC member group. - Q(research_center_of_members=research_center) - | - # RC non-member group. - Q(research_center_of_non_members=research_center) - | - # Other sepcific groups to include. - Q(name__in=group_names) - | - # Any other groups that are members. - Q(parent_memberships__parent_group=upload_workspace.workspace.authorization_domains.first()) - ).distinct() - - for group in groups_to_audit: - self.audit_workspace_and_group(upload_workspace, group) - - def audit_workspace_and_group(self, upload_workspace, managed_group): - if managed_group == upload_workspace.research_center.uploader_group: - self._audit_workspace_and_group_for_rc_uploaders(upload_workspace, managed_group) - elif managed_group == upload_workspace.research_center.member_group: - self._audit_workspace_and_group_for_rc_members(upload_workspace, managed_group) - elif managed_group == upload_workspace.research_center.non_member_group: - self._audit_workspace_and_group_for_rc_non_members(upload_workspace, managed_group) - elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: - self._audit_workspace_and_group_for_dcc_admin(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_WRITERS": - self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_MEMBERS": - self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_ALL": - self._audit_workspace_and_group_for_gregor_all(upload_workspace, managed_group) - elif managed_group.name == "anvil-admins": - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - elif managed_group.name == "anvil_devs": - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - else: - self._audit_workspace_and_other_group(upload_workspace, managed_group) - - def _audit_workspace_and_group_for_rc_uploaders(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - # Otherwise, proceed with other checks. - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - elif upload_workspace.upload_cycle.is_current: - note = self.RC_UPLOADERS_BEFORE_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - elif upload_workspace.upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.RC_UPLOADERS_BEFORE_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - else: - note = self.RC_UPLOADERS_AFTER_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_rc_members(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - elif not combined_workspace: - note = self.RC_MEMBERS_BEFORE_COMBINED - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - else: - note = self.RC_MEMBERS_AFTER_COMBINED - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_rc_non_members(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - else: - note = self.RC_NON_MEMBERS_AFTER_START - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_dcc_admin(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - if not membership: - self.needs_action.append( - AddAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - elif membership.role == GroupGroupMembership.ADMIN: - self.verified.append( - VerifiedAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - else: - self.needs_action.append( - ChangeToAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - - def _audit_workspace_and_group_for_dcc(self, upload_workspace, managed_group): - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - membership = self._get_current_membership(upload_workspace, managed_group) - if combined_workspace: - note = self.DCC_AFTER_COMBINED - else: - note = self.DCC_BEFORE_COMBINED - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": note, - } - - if not combined_workspace and not membership: - self.needs_action.append(AddMember(**result_kwargs)) - elif not combined_workspace and membership: - if membership.role == GroupGroupMembership.MEMBER: - self.verified.append(VerifiedMember(**result_kwargs)) - else: - self.errors.append(ChangeToMember(**result_kwargs)) - elif combined_workspace and not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif combined_workspace and membership: - if membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(**result_kwargs)) - else: - self.needs_action.append(Remove(**result_kwargs)) - - def _audit_workspace_and_group_for_gregor_all(self, upload_workspace, managed_group): - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - membership = self._get_current_membership(upload_workspace, managed_group) - if combined_workspace: - note = self.GREGOR_ALL_AFTER_COMBINED - else: - note = self.GREGOR_ALL_BEFORE_COMBINED - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": note, - } - - if not combined_workspace and not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif not combined_workspace and membership: - self.errors.append(Remove(**result_kwargs)) - elif combined_workspace and not membership: - self.needs_action.append(AddMember(**result_kwargs)) - elif combined_workspace and membership: - if membership.role == GroupGroupMembership.MEMBER: - self.verified.append(VerifiedMember(**result_kwargs)) - else: - self.errors.append(ChangeToMember(**result_kwargs)) - - def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): - """Ignore the AnVIL groups in this audit. - - We don't want to make assumptions about what access level AnVIL has.""" - pass - - def _audit_workspace_and_other_group(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": self.OTHER_GROUP, - } - - if not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif membership: - self.errors.append(Remove(**result_kwargs)) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py deleted file mode 100644 index 249c7a24..00000000 --- a/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py +++ /dev/null @@ -1,559 +0,0 @@ -from dataclasses import dataclass - -import django_tables2 as tables -from anvil_consortium_manager.models import ManagedGroup, WorkspaceGroupSharing -from django.conf import settings -from django.db.models import Q, QuerySet - -from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace -from ..tables import BooleanIconColumn -from .base import GREGoRAudit, GREGoRAuditResult - - -@dataclass -class UploadWorkspaceSharingAuditResult(GREGoRAuditResult): - """Base class to hold results for auditing upload workspace sharing.""" - - workspace: UploadWorkspace - note: str - managed_group: ManagedGroup - action: str = None - current_sharing_instance: WorkspaceGroupSharing = None - - def get_action_url(self): - """The URL that handles the action needed.""" - # return reverse( - # "gregor_anvil:audit:upload_workspaces:sharing:resolve", - # args=[ - # self.dbgap_application.dbgap_project_id, - # self.workspace.workspace.billing_project.name, - # self.workspace.workspace.name, - # ], - # ) - return "" - - def get_table_dictionary(self): - """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" - row = { - "workspace": self.workspace, - "managed_group": self.managed_group, - "access": self.current_sharing_instance.access if self.current_sharing_instance else None, - "can_compute": self.current_sharing_instance.can_compute if self.current_sharing_instance else None, - "note": self.note, - "action": self.action, - "action_url": self.get_action_url(), - } - return row - - -@dataclass -class VerifiedShared(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing has been verified.""" - - is_shared: bool = True - - def __str__(self): - return f"Verified sharing: {self.note}" - - -@dataclass -class VerifiedNotShared(UploadWorkspaceSharingAuditResult): - """Audit results class for when no Sharing has been verified.""" - - is_shared: bool = False - - def __str__(self): - return f"Verified not shared: {self.note}" - - -@dataclass -class ShareAsReader(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as a reader.""" - - is_shared: bool = False - action: str = "Share as reader" - - def __str__(self): - return f"Share as reader: {self.note}" - - -@dataclass -class ShareAsWriter(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as a writer.""" - - is_shared: bool = False - action: str = "Share as writer" - - def __str__(self): - return f"Share as writer: {self.note}" - - -@dataclass -class ShareAsOwner(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as an owner.""" - - is_shared: bool = False - action: str = "Share as owner" - - def __str__(self): - return f"Share as owner: {self.note}" - - -@dataclass -class ShareWithCompute(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted with compute access.""" - - is_shared: bool = False - action: str = "Share with compute" - - def __str__(self): - return f"Share with compute: {self.note}" - - -@dataclass -class StopSharing(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be removed for a known reason.""" - - is_shared: bool = True - action: str = "Stop sharing" - - def __str__(self): - return f"Stop sharing: {self.note}" - - -@dataclass -class Error(UploadWorkspaceSharingAuditResult): - """Audit results class for when an error has been detected (e.g., shared and never should have been).""" - - pass - - -class UploadWorkspaceSharingAuditTable(tables.Table): - """A table to show results from a UploadWorkspaceSharingAudit subclass.""" - - workspace = tables.Column(linkify=True) - managed_group = tables.Column(linkify=True) - # is_shared = tables.Column() - access = tables.Column(verbose_name="Current access") - can_compute = BooleanIconColumn(show_false_icon=True, null=True) - note = tables.Column() - # action = tables.Column() - action = tables.TemplateColumn( - template_name="gregor_anvil/snippets/upload_workspace_sharing_audit_action_button.html" - ) - - class Meta: - attrs = {"class": "table align-middle"} - - -class UploadWorkspaceSharingAudit(GREGoRAudit): - """A class to hold audit results for the GREGoR UploadWorkspace audit.""" - - # RC uploader statues. - RC_UPLOADERS_FUTURE_CYCLE = "Uploaders should not have access to future cycles." - RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE = ( - "Uploaders should have write access before compute is enabled for this upload cycle." - ) - RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE = "Uploaders should have write access with compute for this upload cycle." - RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE = "Uploaders should not have direct access before QC is complete." - RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE = "Uploader group should not have direct access after QC is complete." - RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( - "Uploader group should not have direct access when the combined workspace is ready to share or shared." - ) - - # DCC writer group status. - DCC_WRITERS_FUTURE_CYCLE = "DCC writers should have write and compute access for future cycles." - DCC_WRITERS_CURRENT_CYCLE = "DCC writers should have write and compute access for the current upload cycle." - DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE = ( - "DCC writers should have write and compute access before QC is complete." - ) - DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE = "DCC writers should not have direct access after QC is complete." - DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( - "DCC writers should not have direct access when the combined workspace is ready to share or shared." - ) - - # DCC admin group status. - DCC_ADMIN_AS_OWNER = "The DCC admin group should always be an owner." - - # Auth domain status. - AUTH_DOMAIN_AS_READER = "The auth domain should always be a reader." - - # Other group. - OTHER_GROUP_NO_ACCESS = "Other groups should not have direct access." - - results_table_class = UploadWorkspaceSharingAuditTable - - def __init__(self, queryset=None): - super().__init__() - if queryset is None: - queryset = UploadWorkspace.objects.all() - if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): - raise ValueError("queryset must be a queryset of UploadWorkspace objects.") - self.queryset = queryset - - def _run_audit(self): - for workspace in self.queryset: - self.audit_upload_workspace(workspace) - - def _get_current_sharing(self, upload_workspace, managed_group): - try: - current_sharing = WorkspaceGroupSharing.objects.get( - workspace=upload_workspace.workspace, group=managed_group - ) - except WorkspaceGroupSharing.DoesNotExist: - current_sharing = None - return current_sharing - - def _get_combined_workspace(self, upload_cycle): - """Returns the combined workspace, but only if it is ready for sharing.""" - try: - combined_workspace = CombinedConsortiumDataWorkspace.objects.get( - upload_cycle=upload_cycle, date_completed__isnull=False - ) - except CombinedConsortiumDataWorkspace.DoesNotExist: - combined_workspace = None - return combined_workspace - - def audit_upload_workspace(self, upload_workspace): - """Audit access for a specific UploadWorkspace.""" - # Get a list of managed groups that should be included in this audit. - # This includes the members group for the RC, the DCC groups, GREGOR_ALL, and the auth domain. - research_center = upload_workspace.research_center - group_names_to_include = [ - "GREGOR_DCC_WRITERS", # DCC writers - settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins - "anvil-admins", # AnVIL admins - "anvil_devs", # AnVIL devs - ] - groups_to_audit = ManagedGroup.objects.filter( - # RC uploader group. - Q(research_center_of_uploaders=research_center) - | - # Specific groups from above. - Q(name__in=group_names_to_include) - | - # Auth domain. - Q(workspaceauthorizationdomain__workspace=upload_workspace.workspace) - | - # Groups that the workspace is shared with. - Q(workspacegroupsharing__workspace=upload_workspace.workspace) - ).distinct() - - for group in groups_to_audit: - self.audit_workspace_and_group(upload_workspace, group) - - def audit_workspace_and_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and ManagedGroup.""" - # Check the group type, and then call the appropriate audit method. - if upload_workspace.research_center.uploader_group == managed_group: - self._audit_workspace_and_rc_uploader_group(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_WRITERS": - self._audit_workspace_and_dcc_writer_group(upload_workspace, managed_group) - elif managed_group in upload_workspace.workspace.authorization_domains.all(): - self._audit_workspace_and_auth_domain(upload_workspace, managed_group) - elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: - self._audit_workspace_and_dcc_admin_group(upload_workspace, managed_group) - elif managed_group.name in ["anvil-admins", "anvil_devs"]: - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - else: - self._audit_workspace_and_other_group(upload_workspace, managed_group) - - def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): - """Ignore the AnVIL groups in this audit. - - We don't want to make assumptions about what access level AnVIL has.""" - pass - - def _audit_workspace_and_rc_uploader_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and RC uploader group. - - Sharing expectations: - - No access to future upload cycle. - - Write access before compute is enabled for current upload cycle. - - Write+compute access after compute is enabled for current upload cycle. - - Read access to past upload cycle workspaces before QC is completed. - - No access to past upload cycle workspaces after QC is completed (read access via auth domain). - """ - upload_cycle = upload_workspace.upload_cycle - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_cycle) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if upload_cycle.is_future: - note = self.RC_UPLOADERS_FUTURE_CYCLE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_current and not upload_cycle.date_ready_for_compute: - note = self.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareAsWriter(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and not current_sharing.can_compute - ): - self.verified.append(VerifiedShared(note=note, **audit_result_args)) - else: - self.needs_action.append(ShareAsWriter(note=note, **audit_result_args)) - elif upload_cycle.is_current and upload_cycle.date_ready_for_compute: - note = self.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append(VerifiedShared(note=note, **audit_result_args)) - else: - self.needs_action.append(ShareWithCompute(note=note, **audit_result_args)) - elif upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: - note = self.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_past and combined_workspace: - note = self.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - else: - raise ValueError("No case matched for RC uploader group.") - - def _audit_workspace_and_dcc_writer_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and the DCC writer group. - - Sharing expectations: - - Write+compute access to future and current upload cycles. - - Write+compute access to past upload cycles before QC is complete. - - No direct access to past upload cycle workspaces after QC is completed (read access via auth domain). - """ - upload_cycle = upload_workspace.upload_cycle - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_cycle) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if upload_cycle.is_future: - note = self.DCC_WRITERS_FUTURE_CYCLE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_current: - note = self.DCC_WRITERS_CURRENT_CYCLE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: - note = self.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - elif not current_sharing: - self.verified.append( - VerifiedNotShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - StopSharing( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and combined_workspace: - note = self.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - elif not current_sharing: - self.verified.append( - VerifiedNotShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - StopSharing( - note=note, - **audit_result_args, - ) - ) - - else: - raise ValueError("No case matched for DCC writer group.") - - def _audit_workspace_and_auth_domain(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and its auth domain. - - Sharing expectations: - - Read access at all times. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - note = self.AUTH_DOMAIN_AS_READER - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareAsReader(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareAsReader( - note=note, - **audit_result_args, - ) - ) - - def _audit_workspace_and_dcc_admin_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and the DCC admin group. - - Sharing expectations: - - Owner access at all times. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - note = self.DCC_ADMIN_AS_OWNER - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareAsOwner( - note=note, - **audit_result_args, - ) - ) - - def _audit_workspace_and_other_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and other groups. - - Sharing expectations: - - No access. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if not current_sharing: - self.verified.append( - VerifiedNotShared( - note=self.OTHER_GROUP_NO_ACCESS, - **audit_result_args, - ) - ) - else: - self.errors.append( - StopSharing( - note=self.OTHER_GROUP_NO_ACCESS, - **audit_result_args, - ) - ) diff --git a/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py b/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py new file mode 100644 index 00000000..493203a8 --- /dev/null +++ b/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py @@ -0,0 +1,156 @@ +from dataclasses import dataclass + +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, Workspace + +from .base import GREGoRAuditResult + + +@dataclass +class WorkspaceAuthDomainAuditResult(GREGoRAuditResult): + """Base class to hold results for auditing upload workspace sharing.""" + + workspace: Workspace + note: str + managed_group: ManagedGroup + action: str = None + current_membership_instance: GroupGroupMembership = None + handled: bool = False + + def get_table_dictionary(self): + """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" + row = { + "workspace": self.workspace, + "managed_group": self.managed_group, + "role": self.current_membership_instance.role if self.current_membership_instance else None, + "note": self.note, + "action": self.action, + } + return row + + def _handle(self): + raise NotImplementedError("Subclasses must implement this method.") + + def handle(self): + self._handle() + self.handled = True + + +@dataclass +class VerifiedMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when member membership has been verified.""" + + def __str__(self): + return f"Verified member: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when membership with an admin role has been verified.""" + + def __str__(self): + return f"Verified admin: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedNotMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when member membership has been verified.""" + + def __str__(self): + return f"Verified member: {self.note}" + + def _handle(self): + pass + + +@dataclass +class AddMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when a member role should be added.""" + + action: str = "Add member" + + def __str__(self): + return f"Add member: {self.note}" + + def _handle(self): + membership = GroupGroupMembership( + parent_group=self.workspace.authorization_domains.first(), + child_group=self.managed_group, + role=GroupGroupMembership.MEMBER, + ) + membership.full_clean() + membership.save() + membership.anvil_create() + + +@dataclass +class AddAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when an admin role should be added.""" + + action: str = "Add admin" + + def __str__(self): + return f"Add admin: {self.note}" + + def _handle(self): + membership = GroupGroupMembership( + parent_group=self.workspace.authorization_domains.first(), + child_group=self.managed_group, + role=GroupGroupMembership.ADMIN, + ) + membership.full_clean() + membership.save() + membership.anvil_create() + + +@dataclass +class ChangeToMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when an admin role should be changed to a member role.""" + + action: str = "Change to member" + + def __str__(self): + return f"Change to member: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.role = GroupGroupMembership.MEMBER + self.current_membership_instance.full_clean() + self.current_membership_instance.save() + self.current_membership_instance.anvil_create() + + +@dataclass +class ChangeToAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when a member role should be changed to an admin role.""" + + action: str = "Change to admin" + + def __str__(self): + return f"Change to admin: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.role = GroupGroupMembership.ADMIN + self.current_membership_instance.full_clean() + self.current_membership_instance.save() + self.current_membership_instance.anvil_create() + + +@dataclass +class Remove(WorkspaceAuthDomainAuditResult): + """Audit results class for when group membership should be removed.""" + + action: str = "Remove" + + def __str__(self): + return f"Share as owner: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.delete() diff --git a/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py b/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py new file mode 100644 index 00000000..42cc6398 --- /dev/null +++ b/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py @@ -0,0 +1,187 @@ +from dataclasses import dataclass + +from anvil_consortium_manager.models import ( + ManagedGroup, + Workspace, + WorkspaceGroupSharing, +) + +from .base import GREGoRAuditResult + + +@dataclass +class WorkspaceSharingAuditResult(GREGoRAuditResult): + """Base class to hold results for auditing upload workspace sharing.""" + + workspace: Workspace + note: str + managed_group: ManagedGroup + action: str = None + current_sharing_instance: WorkspaceGroupSharing = None + handled: bool = False + + def get_table_dictionary(self): + """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" + can_compute = None + if self.current_sharing_instance and self.current_sharing_instance.access != WorkspaceGroupSharing.READER: + can_compute = self.current_sharing_instance.can_compute + row = { + "workspace": self.workspace, + "managed_group": self.managed_group, + "access": self.current_sharing_instance.access if self.current_sharing_instance else None, + "can_compute": can_compute, + "note": self.note, + "action": self.action, + } + return row + + def _handle(self): + raise NotImplementedError("Subclasses must implement this method.") + + def handle(self): + self._handle() + self.handled = True + + +@dataclass +class VerifiedShared(WorkspaceSharingAuditResult): + """Audit results class for when Sharing has been verified.""" + + def __str__(self): + return f"Verified sharing: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedNotShared(WorkspaceSharingAuditResult): + """Audit results class for when no Sharing has been verified.""" + + def __str__(self): + return f"Verified not shared: {self.note}" + + def _handle(self): + pass + + +@dataclass +class ShareAsReader(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as a reader.""" + + action: str = "Share as reader" + + def __str__(self): + return f"Share as reader: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.READER + sharing.can_compute = False + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareAsWriter(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as a writer.""" + + action: str = "Share as writer" + + def __str__(self): + return f"Share as writer: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.WRITER + sharing.can_compute = False + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareAsOwner(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as an owner.""" + + action: str = "Share as owner" + + def __str__(self): + return f"Share as owner: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.OWNER + sharing.can_compute = True + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareWithCompute(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted with compute access.""" + + action: str = "Share with compute" + + def __str__(self): + return f"Share with compute: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.WRITER + sharing.can_compute = True + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class StopSharing(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be removed for a known reason.""" + + action: str = "Stop sharing" + + def __str__(self): + return f"Stop sharing: {self.note}" + + def _handle(self): + # Remove the sharing record. + self.current_sharing_instance.anvil_delete() + self.current_sharing_instance.delete() + + +@dataclass +class Error(WorkspaceSharingAuditResult): + """Audit results class for when an error has been detected (e.g., shared and never should have been).""" + + pass diff --git a/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py b/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py new file mode 100644 index 00000000..f010052f --- /dev/null +++ b/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py @@ -0,0 +1,72 @@ +from django.contrib.sites.models import Site +from django.core.mail import send_mail +from django.core.management.base import BaseCommand +from django.template.loader import render_to_string +from django.urls import reverse + +from ...audit import combined_workspace_audit + + +class Command(BaseCommand): + help = "Run access audits on CombinedConsortiumDataWorkspaces." + + def add_arguments(self, parser): + email_group = parser.add_argument_group(title="Email reports") + email_group.add_argument( + "--email", + help="""Email to which to send audit reports that need action or have errors.""", + ) + + def run_sharing_audit(self, *args, **options): + self.stdout.write("Running CombinedConsortiumDataWorkspace sharing audit... ", ending="") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self._handle_audit_results(audit, reverse("gregor_anvil:audit:combined_workspaces:sharing:all"), **options) + + def run_auth_domain_audit(self, *args, **options): + self.stdout.write("Running CombinedConsortiumDataWorkspace auth domain audit... ", ending="") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self._handle_audit_results(audit, reverse("gregor_anvil:audit:combined_workspaces:auth_domains:all"), **options) + + def _handle_audit_results(self, audit, url, **options): + # Report errors and needs access. + audit_ok = audit.ok() + # Construct the url for handling errors. + url = "https://" + Site.objects.get_current().domain + url + if audit_ok: + self.stdout.write(self.style.SUCCESS("ok!")) + else: + self.stdout.write(self.style.ERROR("problems found.")) + + # Print results + self.stdout.write("* Verified: {}".format(len(audit.verified))) + self.stdout.write("* Needs action: {}".format(len(audit.needs_action))) + self.stdout.write("* Errors: {}".format(len(audit.errors))) + + if not audit_ok: + self.stdout.write(self.style.ERROR(f"Please visit {url} to resolve these issues.")) + + # Send email if requested and there are problems. + email = options["email"] + subject = "{} - problems found".format(audit.__class__.__name__) + html_body = render_to_string( + "gregor_anvil/email_audit_report.html", + context={ + "title": "Combined workspace audit", + "audit_results": audit, + "url": url, + }, + ) + send_mail( + subject, + "Audit problems found. Please see attached report.", + None, + [email], + fail_silently=False, + html_message=html_body, + ) + + def handle(self, *args, **options): + self.run_sharing_audit(*args, **options) + self.run_auth_domain_audit(*args, **options) diff --git a/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py b/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py index fb7db4e9..2832ccf6 100644 --- a/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py +++ b/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py @@ -4,7 +4,7 @@ from django.template.loader import render_to_string from django.urls import reverse -from ...audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ...audit import upload_workspace_audit class Command(BaseCommand): @@ -19,13 +19,13 @@ def add_arguments(self, parser): def run_sharing_audit(self, *args, **options): self.stdout.write("Running UploadWorkspace sharing audit... ", ending="") - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self._handle_audit_results(audit, reverse("gregor_anvil:audit:upload_workspaces:sharing:all"), **options) def run_auth_domain_audit(self, *args, **options): self.stdout.write("Running UploadWorkspace auth domain audit... ", ending="") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self._handle_audit_results(audit, reverse("gregor_anvil:audit:upload_workspaces:auth_domains:all"), **options) diff --git a/gregor_django/gregor_anvil/tests/factories.py b/gregor_django/gregor_anvil/tests/factories.py index 5bb9b0ce..19f57580 100644 --- a/gregor_django/gregor_anvil/tests/factories.py +++ b/gregor_django/gregor_anvil/tests/factories.py @@ -137,6 +137,7 @@ class CombinedConsortiumDataWorkspaceFactory(DjangoModelFactory): class Meta: model = models.CombinedConsortiumDataWorkspace + skip_postgeneration_save = True upload_cycle = SubFactory(UploadCycleFactory) workspace = SubFactory( @@ -144,6 +145,17 @@ class Meta: workspace_type="combined_consortium", ) + @post_generation + def authorization_domains(self, create, extracted, **kwargs): + # Add an authorization domain. + if not create: + # Simple build, do nothing. + return + + # Create an authorization domain. + auth_domain = ManagedGroupFactory.create(name="auth_{}".format(self.workspace.name)) + self.workspace.authorization_domains.add(auth_domain) + class ReleaseWorkspaceFactory(DjangoModelFactory): """A factory for the ReleaseWorkspace model.""" diff --git a/gregor_django/gregor_anvil/tests/test_audit.py b/gregor_django/gregor_anvil/tests/test_audit.py index 83dc8ff5..dae1fd63 100644 --- a/gregor_django/gregor_anvil/tests/test_audit.py +++ b/gregor_django/gregor_anvil/tests/test_audit.py @@ -1,20 +1,32 @@ """Tests for the `py` module.""" from dataclasses import dataclass +from datetime import timedelta import django_tables2 as tables +import responses from anvil_consortium_manager.models import GroupGroupMembership, WorkspaceGroupSharing from anvil_consortium_manager.tests.factories import ( GroupGroupMembershipFactory, ManagedGroupFactory, + WorkspaceAuthorizationDomainFactory, + WorkspaceFactory, WorkspaceGroupSharingFactory, ) +from anvil_consortium_manager.tests.utils import AnVILAPIMockTestMixin from django.conf import settings from django.test import TestCase, override_settings +from django.utils import timezone from faker import Faker +from freezegun import freeze_time from .. import models -from ..audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ..audit import ( + combined_workspace_audit, + upload_workspace_audit, + workspace_auth_domain_audit_results, + workspace_sharing_audit_results, +) from ..audit.base import GREGoRAudit, GREGoRAuditResult from ..tests import factories @@ -162,20 +174,837 @@ def test_get_errors_table(self): self.assertEqual(table.rows[0].get_cell("value"), "c") +class WorkspaceSharingAuditResultTest(AnVILAPIMockTestMixin, TestCase): + """General tests of the UploadWorkspaceSharingAuditResult dataclasses.""" + + def test_shared_as_owner(self): + workspace = WorkspaceFactory.create() + group = ManagedGroupFactory.create() + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, group=group, access=WorkspaceGroupSharing.OWNER, can_compute=True + ) + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["access"], sharing.OWNER) + self.assertEqual(table_dictionary["can_compute"], True) + + def test_shared_as_writer_with_compute(self): + workspace = WorkspaceFactory.create() + group = ManagedGroupFactory.create() + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=True + ) + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["access"], sharing.WRITER) + self.assertEqual(table_dictionary["can_compute"], True) + + def test_shared_as_writer_without_compute(self): + workspace = WorkspaceFactory.create() + group = ManagedGroupFactory.create() + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=False + ) + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["access"], sharing.WRITER) + self.assertEqual(table_dictionary["can_compute"], False) + + def test_shared_as_reader(self): + workspace = WorkspaceFactory.create() + group = ManagedGroupFactory.create() + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, group=group, access=WorkspaceGroupSharing.READER + ) + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["access"], sharing.READER) + self.assertIsNone(table_dictionary["can_compute"]) + + def test_not_shared(self): + workspace = WorkspaceFactory.create() + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertIsNone(table_dictionary["access"]) + self.assertIsNone(table_dictionary["can_compute"]) + + def test_handle_verified_shared(self): + workspace = WorkspaceFactory.create(name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + ) + instance = workspace_sharing_audit_results.VerifiedShared( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertEqual(sharing.created, date_created) + self.assertEqual(sharing.modified, date_created) + + def test_handle_verified_not_shared(self): + workspace = WorkspaceFactory.create(name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.VerifiedNotShared( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 0) + + def test_handle_share_as_reader_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsReader( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_handle_share_as_reader_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + instance = workspace_sharing_audit_results.ShareAsReader( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_as_writer_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsWriter( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertFalse(sharing.can_compute) + + def test_handle_share_as_writer_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.OWNER, + can_compute=True, + ) + instance = workspace_sharing_audit_results.ShareAsWriter( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertFalse(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_with_compute_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareWithCompute( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_handle_share_with_compute_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.ShareWithCompute( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_as_owner_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsOwner( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_handle_share_as_owner_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.ShareAsOwner( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_stop_sharing(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.StopSharing( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 0) + + +class WorkspaceAuthDomainAuditResultTest(AnVILAPIMockTestMixin, TestCase): + """General tests of the WorkspaceAuthDomainAuditResult dataclasses.""" + + def test_handle_verified_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.VerifiedMember( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_handle_verified_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), child_group=group, role=GroupGroupMembership.ADMIN + ) + instance = workspace_auth_domain_audit_results.VerifiedAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_handle_verified_not_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.VerifiedMember( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 0) + + def test_handle_add_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.AddMember( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.email}", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + + def test_handle_add_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.AddAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.email}", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + + def test_handle_change_to_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + instance = workspace_auth_domain_audit_results.ChangeToMember( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + self.assertGreater(membership.modified, date_created) + + def test_handle_change_to_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.ChangeToAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + self.assertGreater(membership.modified, date_created) + + def test_handle_remove(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.Remove( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 0) + + def test_member_as_admin(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["role"], membership.ADMIN) + + def test_member_as_member(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["role"], membership.MEMBER) + + def test_not_member(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertIsNone(table_dictionary["role"]) + + +class UploadWorkspaceSharingAuditTableTest(TestCase): + """General tests of the UploadWorkspaceSharingAuditTable class.""" + + def test_no_rows(self): + """Table works with no rows.""" + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable([]) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) + self.assertEqual(len(table.rows), 0) + + def test_one_row(self): + """Table works with one row.""" + upload_workspace = factories.UploadWorkspaceFactory.create() + group = ManagedGroupFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER + ) + data = [ + { + "workspace": upload_workspace.workspace, + "managed_group": group, + "access": WorkspaceGroupSharing.READER, + "can_compute": None, + "note": "a note", + "action": "", + }, + ] + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) + self.assertEqual(len(table.rows), 1) + + def test_two_rows(self): + """Table works with two rows.""" + upload_workspace = factories.UploadWorkspaceFactory.create() + group_1 = ManagedGroupFactory.create() + group_2 = ManagedGroupFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=upload_workspace.workspace, group=group_1, access=WorkspaceGroupSharing.READER + ) + data = [ + { + "workspace": upload_workspace.workspace, + "managed_group": group_1, + "access": WorkspaceGroupSharing.READER, + "can_compute": None, + "note": "a note", + "action": "", + }, + { + "workspace": upload_workspace.workspace, + "managed_group": group_2, + "access": None, + "can_compute": None, + "note": "a note", + "action": "", + }, + ] + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) + self.assertEqual(len(table.rows), 2) + + class UploadWorkspaceSharingAuditTest(TestCase): """General tests of the `UploadWorkspaceSharingAudit` class.""" def test_completed(self): """The completed attribute is set appropriately.""" # Instantiate the class. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() self.assertFalse(audit.completed) audit.run_audit() self.assertTrue(audit.completed) def test_no_upload_workspaces(self): """The audit works if there are no UploadWorkspaces.""" - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -183,31 +1012,31 @@ def test_no_upload_workspaces(self): def test_one_upload_workspace_no_groups(self): upload_workspace = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, upload_workspace.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_one_upload_workspace_rc_upload_group(self): group = ManagedGroupFactory.create() upload_workspace = factories.UploadWorkspaceFactory.create( research_center__uploader_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_writer_group(self): @@ -216,14 +1045,14 @@ def test_one_upload_workspace_dcc_writer_group(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=True ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_auth_domain(self): @@ -232,14 +1061,14 @@ def test_one_upload_workspace_auth_domain(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) # auth domain is shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_admin_group(self): @@ -248,14 +1077,14 @@ def test_one_upload_workspace_dcc_admin_group(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") @@ -265,21 +1094,21 @@ def test_one_upload_workspace_dcc_admin_group_different_name(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_anvil_admin_group(self): group = ManagedGroupFactory.create(name="anvil-admins") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) WorkspaceGroupSharingFactory.create(workspace=upload_workspace.workspace, group=group) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -289,7 +1118,7 @@ def test_one_upload_workspace_anvil_dev_group(self): group = ManagedGroupFactory.create(name="anvil_devs") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) WorkspaceGroupSharingFactory.create(workspace=upload_workspace.workspace, group=group) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -301,20 +1130,20 @@ def test_one_upload_workspace_other_group_shared(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_not_shared(self): ManagedGroupFactory.create(name="foo") factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -328,23 +1157,23 @@ def test_two_upload_workspaces(self): group=upload_workspace_1.workspace.authorization_domains.first(), ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, upload_workspace_1.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, upload_workspace_2.workspace.authorization_domains.first()) self.assertIsNone(record.current_sharing_instance) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_queryset(self): """Audit only runs on the specified queryset of dbGaPApplications.""" @@ -355,7 +1184,7 @@ def test_queryset(self): ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() # First application - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_1.pk) ) audit.run_audit() @@ -363,13 +1192,13 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, upload_workspace_1.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) # Second application - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_2.pk) ) audit.run_audit() @@ -377,18 +1206,18 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, upload_workspace_2.workspace.authorization_domains.first()) self.assertIsNone(record.current_sharing_instance) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_queryset_wrong_class(self): """Raises ValueError if queryset is not a QuerySet.""" with self.assertRaises(ValueError): - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit(queryset="foo") + upload_workspace_audit.UploadWorkspaceSharingAudit(queryset="foo") with self.assertRaises(ValueError): - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.CombinedConsortiumDataWorkspace.objects.all() ) @@ -420,34 +1249,30 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -456,89 +1281,79 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -547,85 +1362,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -634,79 +1443,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -715,49 +1524,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -765,31 +1574,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -802,7 +1611,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -812,7 +1621,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -822,7 +1631,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -833,14 +1642,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -853,7 +1662,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -863,7 +1672,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -873,7 +1682,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -884,30 +1693,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -916,49 +1725,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditCurrentCycleBeforeComputeTest(TestCase): @@ -990,35 +1799,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -1028,57 +1837,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -1086,34 +1895,30 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1122,85 +1927,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1209,79 +2008,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1290,49 +2089,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -1340,31 +2139,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1377,7 +2176,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1387,7 +2186,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1397,7 +2196,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1408,14 +2207,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1428,7 +2227,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1438,7 +2237,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1448,7 +2247,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1459,30 +2258,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1491,49 +2290,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditCurrentCycleAfterComputeTest(TestCase): @@ -1567,35 +2366,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -1605,57 +2404,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -1663,34 +2462,30 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1699,85 +2494,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1786,79 +2575,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1867,49 +2656,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -1917,31 +2706,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1954,7 +2743,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1964,7 +2753,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1974,7 +2763,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1985,14 +2774,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2005,7 +2794,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2015,7 +2804,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2025,7 +2814,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2036,30 +2825,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2068,49 +2857,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleBeforeQCCompleteTest(TestCase): @@ -2141,35 +2930,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -2179,57 +2968,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -2237,35 +3026,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -2275,57 +3064,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -2333,30 +3122,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2365,79 +3154,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2446,49 +3235,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -2496,31 +3285,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2533,7 +3322,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2543,7 +3332,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2553,7 +3342,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2564,14 +3353,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2584,7 +3373,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2594,7 +3383,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2604,7 +3393,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2615,30 +3404,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2647,49 +3436,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleAfterQCCompleteTest(TestCase): @@ -2721,35 +3510,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -2759,57 +3548,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -2817,35 +3606,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -2855,57 +3644,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -2913,30 +3702,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2945,79 +3734,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3026,49 +3815,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -3076,31 +3865,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3113,7 +3902,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3123,7 +3912,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3133,7 +3922,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3144,14 +3933,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3164,7 +3953,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3174,7 +3963,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3184,7 +3973,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3195,30 +3984,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3227,49 +4016,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleAfterCombinedWorkspaceSharedTest(TestCase): @@ -3309,35 +4098,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -3347,57 +4136,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -3405,35 +4194,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -3443,57 +4232,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -3501,30 +4290,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3533,79 +4322,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3614,49 +4403,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -3664,31 +4453,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3701,7 +4490,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3711,7 +4500,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3721,7 +4510,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3732,14 +4521,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3752,7 +4541,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3762,7 +4551,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3772,7 +4561,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3783,30 +4572,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3815,49 +4604,111 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + + +class UploadWorkspaceAuthDomainAuditTableTest(TestCase): + """General tests of the UploadWorkspaceAuthDomainAuditTable class.""" + + def test_no_rows(self): + """Table works with no rows.""" + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable([]) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) + self.assertEqual(len(table.rows), 0) + + def test_one_row(self): + """Table works with one row.""" + upload_workspace = factories.UploadWorkspaceFactory.create() + group = ManagedGroupFactory.create() + GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + data = [ + { + "workspace": upload_workspace.workspace, + "managed_group": group, + "role": GroupGroupMembership.MEMBER, + "note": "a note", + "action": "", + }, + ] + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) + self.assertEqual(len(table.rows), 1) + + def test_two_rows(self): + """Table works with two rows.""" + upload_workspace = factories.UploadWorkspaceFactory.create() + group_1 = ManagedGroupFactory.create() + group_2 = ManagedGroupFactory.create() + GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group_1, + role=GroupGroupMembership.MEMBER, + ) + data = [ + { + "workspace": upload_workspace.workspace, + "managed_group": group_1, + "role": GroupGroupMembership.MEMBER, + "note": "a note", + "action": "", + }, + { + "workspace": upload_workspace.workspace, + "managed_group": group_2, + "role": None, + "note": "a note", + "action": "", + }, + ] + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) + self.assertEqual(len(table.rows), 2) class UploadWorkspaceAuthDomainAuditTest(TestCase): @@ -3866,14 +4717,14 @@ class UploadWorkspaceAuthDomainAuditTest(TestCase): def test_completed(self): """The completed attribute is set appropriately.""" # Instantiate the class. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() self.assertFalse(audit.completed) audit.run_audit() self.assertTrue(audit.completed) def test_no_upload_workspaces(self): """The audit works if there are no UploadWorkspaces.""" - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3881,7 +4732,7 @@ def test_no_upload_workspaces(self): def test_one_upload_workspace_no_groups(self): upload_workspace = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3892,7 +4743,7 @@ def test_one_upload_workspace_no_groups(self): def test_two_upload_workspace_no_groups(self): upload_workspace_1 = factories.UploadWorkspaceFactory.create() upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3906,14 +4757,14 @@ def test_one_upload_workspace_rc_member_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__member_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_rc_upload_group(self): @@ -3921,14 +4772,14 @@ def test_one_upload_workspace_rc_upload_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__uploader_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_rc_nonmember_group(self): @@ -3936,14 +4787,14 @@ def test_one_upload_workspace_rc_nonmember_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__non_member_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_member_group(self): @@ -3952,14 +4803,14 @@ def test_one_upload_workspace_dcc_member_group(self): GroupGroupMembershipFactory.create( parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=group ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_writer_group(self): @@ -3968,14 +4819,14 @@ def test_one_upload_workspace_dcc_writer_group(self): GroupGroupMembershipFactory.create( parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=group ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_admin_group(self): @@ -3986,14 +4837,14 @@ def test_one_upload_workspace_dcc_admin_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") @@ -4005,14 +4856,14 @@ def test_one_upload_workspace_dcc_admin_group_different_name(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_anvil_admin_group(self): @@ -4023,7 +4874,7 @@ def test_one_upload_workspace_anvil_admin_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4037,7 +4888,7 @@ def test_one_upload_workspace_anvil_dev_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4046,14 +4897,14 @@ def test_one_upload_workspace_anvil_dev_group(self): def test_one_upload_workspace_gregor_all_group(self): group = ManagedGroupFactory.create(name="GREGOR_ALL") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_member(self): @@ -4064,20 +4915,20 @@ def test_one_upload_workspace_other_group_member(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_not_member(self): ManagedGroupFactory.create(name="foo") factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4093,23 +4944,23 @@ def test_two_upload_workspaces(self): role=GroupGroupMembership.ADMIN, ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_queryset(self): """Audit only runs on the specified queryset of UploadWorkspaces.""" @@ -4122,7 +4973,7 @@ def test_queryset(self): ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() # First application - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_1.pk) ) audit.run_audit() @@ -4130,13 +4981,13 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) # Second application - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_2.pk) ) audit.run_audit() @@ -4144,18 +4995,18 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_queryset_wrong_class(self): """Raises ValueError if queryset is not a QuerySet.""" with self.assertRaises(ValueError): - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit(queryset="foo") + upload_workspace_audit.UploadWorkspaceAuthDomainAudit(queryset="foo") with self.assertRaises(ValueError): - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.CombinedConsortiumDataWorkspace.objects.all() ) @@ -4186,17 +5037,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -4204,17 +5055,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4222,30 +5073,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4253,17 +5104,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4271,30 +5122,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4302,17 +5153,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4320,30 +5171,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -4351,17 +5202,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4369,47 +5220,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -4417,19 +5266,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4437,34 +5284,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4472,19 +5315,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4492,34 +5333,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -4527,19 +5364,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4547,32 +5382,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -4580,17 +5413,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4598,20 +5431,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4623,7 +5456,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4635,14 +5468,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4654,7 +5487,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4666,7 +5499,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4701,19 +5534,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -4721,19 +5552,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4741,34 +5570,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4776,19 +5601,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4796,34 +5619,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4831,19 +5650,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4851,32 +5668,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -4884,17 +5699,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4902,47 +5717,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -4950,19 +5763,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4970,34 +5781,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5005,19 +5812,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5025,34 +5830,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -5060,19 +5861,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5080,32 +5879,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -5113,17 +5910,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5131,20 +5928,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5156,7 +5953,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5168,14 +5965,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5187,7 +5984,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5199,7 +5996,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5236,19 +6033,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -5256,19 +6051,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5276,34 +6069,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5311,19 +6100,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5331,34 +6118,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5366,19 +6149,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5386,32 +6167,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -5419,17 +6198,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5437,47 +6216,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -5485,19 +6262,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5505,34 +6280,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5540,19 +6311,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5560,34 +6329,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -5595,19 +6360,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5615,32 +6378,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -5648,17 +6409,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5666,20 +6427,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5691,7 +6452,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5703,14 +6464,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5722,7 +6483,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5734,7 +6495,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5773,19 +6534,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -5793,19 +6552,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5813,34 +6570,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5848,19 +6601,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5868,34 +6619,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5903,19 +6650,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5923,32 +6668,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -5956,17 +6699,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5974,47 +6717,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -6022,19 +6763,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6042,34 +6781,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6077,19 +6812,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6097,34 +6830,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -6132,19 +6861,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6152,32 +6879,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -6185,17 +6910,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6203,20 +6928,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6228,7 +6953,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6240,14 +6965,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6259,7 +6984,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6271,7 +6996,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6311,19 +7036,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -6331,19 +7054,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6351,34 +7072,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6386,19 +7103,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6406,34 +7121,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6441,19 +7152,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6461,32 +7170,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -6494,17 +7201,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6512,47 +7219,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -6560,19 +7265,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6580,34 +7283,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6615,19 +7314,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6635,34 +7332,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -6670,19 +7363,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6690,32 +7381,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -6723,17 +7412,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6741,20 +7430,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6766,7 +7455,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6778,14 +7467,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6797,7 +7486,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6809,7 +7498,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6852,19 +7541,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -6872,19 +7559,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6892,34 +7577,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6927,19 +7608,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6947,34 +7626,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6982,19 +7657,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7002,32 +7675,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -7035,17 +7706,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7053,47 +7724,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -7101,19 +7770,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7121,34 +7788,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -7156,19 +7819,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7176,34 +7837,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -7211,19 +7868,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7231,32 +7886,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -7264,17 +7917,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7282,20 +7935,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7307,7 +7960,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7319,14 +7972,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7338,7 +7991,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7350,8 +8003,2113 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) + + +class CombinedConsortiumWorkspaceAuthDomainAuditTest(TestCase): + def test_completed(self): + """The completed attribute is set appropriately.""" + # Instantiate the class. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + self.assertFalse(audit.completed) + audit.run_audit() + self.assertTrue(audit.completed) + + def test_no_workspaces(self): + """The audit works if there are no combined workspaces.""" + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_no_groups(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_dcc_admin_group(self): + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_one_workspace_dcc_admin_group_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_gregor_all_group(self): + group = ManagedGroupFactory.create(name="GREGOR_ALL") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_anvil_admins_group(self): + ManagedGroupFactory.create(name="anvil-admins") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_anvil_devs_group(self): + ManagedGroupFactory.create(name="anvil_devs") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_other_group_member(self): + group = ManagedGroupFactory.create() + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=combined_workspace.workspace.authorization_domains.first(), child_group=group + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_not_member(self): + ManagedGroupFactory.create() + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_two_workspaces(self): + """Audit works with two UploadWorkspaces.""" + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=combined_workspace_1.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_membership_instance, membership) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + + def test_queryset(self): + """Audit only runs on the specified queryset.""" + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=combined_workspace_1.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + # First application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_1.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_membership_instance, membership) + # Second application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_2.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + + def test_queryset_wrong_class(self): + """Raises ValueError if queryset is not a QuerySet.""" + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit(queryset="foo") + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.UploadWorkspace.objects.all() + ) + + +class CombinedConsortiumWorkspaceAuthDomainAuditBeforeCompleteTest(TestCase): + """Tests for the `CombinedConsortiumDataWorkspaceAuthDomainAudit` class for workspaces that are not yet complete.""" + + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.gregor_all_group = ManagedGroupFactory.create(name="GREGOR_ALL") + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=None, + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_gregor_all_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_gregor_all_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_gregor_all_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_anvil_admins_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_other_group_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + def test_other_group_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + +class CombinedConsortiumWorkspaceAuthDomainAuditAfterCompleteTest(TestCase): + """Tests for the `CombinedConsortiumDataWorkspaceAuthDomainAudit` class for workspaces that are complete.""" + + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.gregor_all_group = ManagedGroupFactory.create(name="GREGOR_ALL") + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=fake.date_this_year(before_today=True, after_today=False), + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_gregor_all_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_gregor_all_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_gregor_all_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_anvil_admins_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_other_group_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + def test_other_group_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + +class CombinedConsortiumWorkspaceSharingAuditTest(TestCase): + def test_completed(self): + """The completed attribute is set appropriately.""" + # Instantiate the class. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + self.assertFalse(audit.completed) + audit.run_audit() + self.assertTrue(audit.completed) + + def test_no_workspaces(self): + """The audit works if there are no combined workspaces.""" + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_no_groups(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_dcc_admin_group(self): + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_one_workspace_dcc_admin_group_different_name(self): + group = ManagedGroupFactory.create(name="foo") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_dcc_writer_group(self): + group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_dcc_member_group(self): + group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_anvil_admins(self): + ManagedGroupFactory.create(name="anvil-admins") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_anvil_devs(self): + ManagedGroupFactory.create(name="anvil_devs") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_auth_domain(self): + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = combined_workspace.workspace.authorization_domains.first() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_shared(self): + group = ManagedGroupFactory.create() + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create(workspace=combined_workspace.workspace, group=group) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_not_shared(self): + ManagedGroupFactory.create() + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_two_workspaces(self): + """Audit works with two UploadWorkspaces.""" + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=fake.date_this_year(before_today=True, after_today=False) + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, combined_workspace_1.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, combined_workspace_2.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + + def test_queryset(self): + """Audit only runs on the specified queryset.""" + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=fake.date_this_year(before_today=True, after_today=False) + ) + # First application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_1.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, combined_workspace_1.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + # Second application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_2.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, combined_workspace_2.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + + def test_queryset_wrong_class(self): + """Raises ValueError if queryset is not a QuerySet.""" + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit(queryset="foo") + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.UploadWorkspace.objects.all() + ) + + +class CombinedConsortiumWorkspaceSharingAuditBeforeCompleteTest(TestCase): + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=None, + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_admin_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_writers_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_member_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.auth_domain, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_anvil_admins_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_admins, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_devs, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.other_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + +class CombinedConsortiumWorkspaceSharingAuditAfterCompleteTest(TestCase): + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=fake.date_this_year(before_today=True, after_today=False), + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_admin_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_writers_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_member_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.auth_domain, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_anvil_admins_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_admins, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_devs, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.other_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) diff --git a/gregor_django/gregor_anvil/tests/test_commands.py b/gregor_django/gregor_anvil/tests/test_commands.py index b39cbfbe..33568383 100644 --- a/gregor_django/gregor_anvil/tests/test_commands.py +++ b/gregor_django/gregor_anvil/tests/test_commands.py @@ -1,5 +1,6 @@ """Tests for management commands in the `gregor_anvil` app.""" +from datetime import timedelta from io import StringIO from anvil_consortium_manager.models import GroupGroupMembership, WorkspaceGroupSharing @@ -14,6 +15,7 @@ from django.core.management import call_command from django.test import TestCase from django.urls import reverse +from django.utils import timezone from . import factories @@ -364,3 +366,301 @@ def test_auth_domain_audit_one_instance_needs_action_link_in_output(self): self.assertIn(url, out.getvalue()) # Zero messages have been sent by default. self.assertEqual(len(mail.outbox), 0) + + +class RunCombinedWorkspaceAuditTestCase(TestCase): + def test_no_workspaces(self): + """Test command output.""" + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... ok!", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... ok!", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_verified(self): + """Test command output with one verified instance.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + # Verified not shared with auth domain. + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... ok!", + "* Verified: 1", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_needs_action(self): + """Test command output with one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_error(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=WorkspaceGroupSharing.OWNER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_verified_email(self): + """No email is sent when there are no errors.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + # Verified not shared with auth domain. + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace sharing audit... ok!", out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_needs_action_email(self): + """Email is sent for one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceSharingAudit - problems found") + + def test_sharing_audit_one_instance_error_email(self): + """Test command output with one error instance.""" + # Create a workspace and matching DAR. + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=WorkspaceGroupSharing.OWNER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceSharingAudit - problems found") + + def test_sharing_audit_one_instance_needs_action_link_in_output(self): + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + url = reverse("gregor_anvil:audit:combined_workspaces:sharing:all") + self.assertIn(url, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_different_domain(self): + """Test command output when a different domain is specified.""" + site = Site.objects.create(domain="foobar.com", name="test") + site.save() + with self.settings(SITE_ID=site.id): + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace sharing audit... problems found.", out.getvalue()) + self.assertIn("https://foobar.com", out.getvalue()) + + def test_auth_domain_audit_one_instance_verified(self): + """Test command output with one verified instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group__name=settings.ANVIL_DCC_ADMINS_GROUP_NAME, + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... ok!", + "* Verified: 1", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_needs_action(self): + """Test command output with one needs_action instance.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_error(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_verified_email(self): + """No email is sent when there are no errors.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group__name="GREGOR_ALL", + role=GroupGroupMembership.MEMBER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace auth domain audit... ok!", out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_needs_action_email(self): + """Email is sent for one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create() + factories.ManagedGroupFactory.create(name="GREGOR_ALL") + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceAuthDomainAudit - problems found") + + def test_auth_domain_audit_one_instance_error_email(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceAuthDomainAudit - problems found") + + def test_auth_domain_audit_different_domain(self): + """Test command output when a different domain is specified.""" + site = Site.objects.create(domain="foobar.com", name="test") + site.save() + with self.settings(SITE_ID=site.id): + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + self.assertIn( + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", out.getvalue() + ) + self.assertIn("https://foobar.com", out.getvalue()) + + def test_auth_domain_audit_one_instance_needs_action_link_in_output(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name="GREGOR_ALL") + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + url = reverse("gregor_anvil:audit:combined_workspaces:auth_domains:all") + self.assertIn(url, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) diff --git a/gregor_django/gregor_anvil/tests/test_views.py b/gregor_django/gregor_anvil/tests/test_views.py index fa752a8a..fc714590 100644 --- a/gregor_django/gregor_anvil/tests/test_views.py +++ b/gregor_django/gregor_anvil/tests/test_views.py @@ -25,7 +25,12 @@ from gregor_django.users.tests.factories import UserFactory from .. import forms, models, tables, views -from ..audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ..audit import ( + combined_workspace_audit, + upload_workspace_audit, + workspace_auth_domain_audit_results, + workspace_sharing_audit_results, +) from . import factories # from .utils import AnVILAPIMockTestMixin @@ -1906,18 +1911,26 @@ def test_contains_upload_workspaces_from_previous_cycles(self): self.assertIn(upload_workspace_1, response.context_data["upload_workspace_table"].data) self.assertIn(upload_workspace_2, response.context_data["upload_workspace_table"].data) - def test_contains_share_with_auth_domain_button(self): - acm_factories.WorkspaceAuthorizationDomainFactory.create( - workspace=self.object.workspace, group__name="test_auth" + def test_contains_sharing_audit_button(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url(self.object.workspace.billing_project.name, self.object.workspace.name)) + url = reverse( + "gregor_anvil:audit:combined_workspaces:sharing:by_workspace", + args=[ + self.object.workspace.billing_project.name, + self.object.workspace.name, + ], ) + self.assertContains(response, url) + + def test_contains_auth_domain_audit_button(self): self.client.force_login(self.user) response = self.client.get(self.get_url(self.object.workspace.billing_project.name, self.object.workspace.name)) url = reverse( - "anvil_consortium_manager:workspaces:sharing:new_by_group", + "gregor_anvil:audit:combined_workspaces:auth_domains:by_workspace", args=[ self.object.workspace.billing_project.name, self.object.workspace.name, - "test_auth", ], ) self.assertContains(response, url) @@ -2442,7 +2455,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -2456,7 +2469,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -2472,7 +2485,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -2493,15 +2506,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -2516,15 +2529,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2548,15 +2561,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2577,15 +2590,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2606,15 +2619,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2646,15 +2659,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2681,18 +2694,24 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.upload_workspace)) + self.assertIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceSharingAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): """Tests for the UploadWorkspaceSharingAuditByWorkspace view.""" @@ -2791,7 +2810,7 @@ def test_context_audit_results(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -2829,15 +2848,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -2856,15 +2875,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2893,15 +2912,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2926,15 +2945,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2959,15 +2978,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3007,15 +3026,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3047,18 +3066,29 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.upload_workspace.workspace.billing_project.name, + self.upload_workspace.workspace.name, + ) + ) + self.assertContains(response, str(self.upload_workspace)) + # self.assertNotIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceSharingAuditByUploadCycleTest(AnVILAPIMockTestMixin, TestCase): """Tests for the UploadWorkspaceSharingAuditByUploadCycle view.""" @@ -3123,7 +3153,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -3137,7 +3167,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -3153,7 +3183,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -3169,7 +3199,7 @@ def test_context_audit_results_ignores_other_upload_cycles(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -3189,15 +3219,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -3212,15 +3242,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3244,15 +3274,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3273,15 +3303,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3302,15 +3332,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3345,15 +3375,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3381,18 +3411,24 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url(self.upload_cycle.cycle)) + self.assertContains(response, str(self.upload_cycle)) + self.assertNotIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceSharingAuditResolveTest(AnVILAPIMockTestMixin, TestCase): def setUp(self): @@ -3507,7 +3543,7 @@ def test_get_context_audit_result(self): self.assertIn("audit_result", response.context_data) self.assertIsInstance( response.context_data["audit_result"], - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult, + workspace_sharing_audit_results.WorkspaceSharingAuditResult, ) def test_get_verified_shared(self): @@ -3525,12 +3561,10 @@ def test_get_verified_shared(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_get_verified_not_shared(self): """Get request with VerifiedNotShared result.""" @@ -3542,12 +3576,10 @@ def test_get_verified_not_shared(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_get_share_as_reader(self): """Get request with ShareAsReader result.""" @@ -3559,12 +3591,10 @@ def test_get_share_as_reader(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_get_share_as_writer(self): group = acm_factories.ManagedGroupFactory.create() @@ -3578,12 +3608,12 @@ def test_get_share_as_writer(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) self.assertEqual( audit_result.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_get_share_with_compute(self): @@ -3595,12 +3625,10 @@ def test_get_share_with_compute(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_get_share_as_owner(self): group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) @@ -3611,12 +3639,10 @@ def test_get_share_as_owner(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_post_billing_project_does_not_exist(self): """Raises a 404 error with an invalid billing project.""" @@ -4210,7 +4236,7 @@ def test_post_share_as_reader_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsReader) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4241,7 +4267,7 @@ def test_post_new_share_as_writer_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsWriter) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsWriter) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4271,7 +4297,7 @@ def test_post_new_share_with_compute_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareWithCompute) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4301,7 +4327,7 @@ def test_post_new_share_as_owner_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsOwner) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4340,7 +4366,7 @@ def test_post_new_stop_sharing_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.StopSharing) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4551,7 +4577,7 @@ def get_url(self, *args): def get_view(self): """Return the view being tested.""" - return views.UploadWorkspaceAuthDomainAuditByUploadCycle.as_view() + return views.UploadWorkspaceAuthDomainAudit.as_view() def test_view_redirect_not_logged_in(self): "View redirects to login view when user is not logged in." @@ -4576,13 +4602,6 @@ def test_access_without_user_permission(self): with self.assertRaises(PermissionDenied): self.get_view()(request) - def test_invalid_upload_cycle(self): - """Raises a 404 error with an invalid upload cycle.""" - request = self.factory.get(self.get_url()) - request.user = self.user - with self.assertRaises(Http404): - self.get_view()(request) - def test_context_audit_results_no_upload_workspaces(self): """The audit_results exists in the context.""" self.client.force_login(self.user) @@ -4591,7 +4610,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -4605,7 +4624,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -4621,7 +4640,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -4644,15 +4663,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -4672,15 +4691,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -4695,15 +4714,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4718,15 +4737,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4751,15 +4770,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4779,15 +4798,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4807,15 +4826,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4835,18 +4854,24 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.upload_workspace)) + self.assertIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceAuthDomainAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): """Tests for the UploadWorkspaceAuthDomainAuditByWorkspace view.""" @@ -4948,7 +4973,7 @@ def test_context_audit_results(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -4988,15 +5013,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5023,15 +5048,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5050,15 +5075,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5077,15 +5102,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5117,15 +5142,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5149,15 +5174,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5181,15 +5206,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5213,18 +5238,29 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.upload_workspace.workspace.billing_project.name, + self.upload_workspace.workspace.name, + ) + ) + self.assertContains(response, str(self.upload_workspace)) + self.assertNotIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceAuthDomainAuditByUploadCycleTest(AnVILAPIMockTestMixin, TestCase): """Tests for the UploadWorkspaceSharingAuditByUploadCycle view.""" @@ -5289,7 +5325,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -5303,7 +5339,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -5319,7 +5355,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -5335,7 +5371,7 @@ def test_context_audit_results_ignores_other_upload_cycles(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -5357,15 +5393,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5388,15 +5424,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5411,15 +5447,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5434,15 +5470,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5470,15 +5506,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5498,15 +5534,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5526,15 +5562,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5554,18 +5590,24 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url(self.upload_cycle.cycle)) + self.assertContains(response, str(self.upload_cycle)) + self.assertNotIn("all upload workspaces", response.content.decode().lower()) + class UploadWorkspaceAuthDomainAuditResolveTest(AnVILAPIMockTestMixin, TestCase): """Tests for the UploadWorkspaceAuthDomainAuditResolve view.""" @@ -5682,7 +5724,7 @@ def test_get_context_audit_result(self): self.assertIn("audit_result", response.context_data) self.assertIsInstance( response.context_data["audit_result"], - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditResult, + workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult, ) def test_get_verified_member(self): @@ -5700,12 +5742,10 @@ def test_get_verified_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_verified_admin(self): """Get request with VerifiedAdmin result.""" @@ -5722,12 +5762,10 @@ def test_get_verified_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_verified_not_member(self): """Get request with VerifiedNotMember result.""" @@ -5739,12 +5777,10 @@ def test_get_verified_not_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_get_add_member(self): """Get request with AddMember result.""" @@ -5756,12 +5792,10 @@ def test_get_add_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_add_admin(self): """Get request with AddAdmin result.""" @@ -5773,12 +5807,10 @@ def test_get_add_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_change_to_member(self): """Get request with ChangeToMember result.""" @@ -5795,12 +5827,10 @@ def test_get_change_to_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_change_to_admin(self): """Get request with ChangeToAdmin result.""" @@ -5817,12 +5847,10 @@ def test_get_change_to_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_remove(self): """Get request with ChangeToAdmin result.""" @@ -5838,12 +5866,10 @@ def test_get_remove(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.Remove) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_post_billing_project_does_not_exist(self): """Raises a 404 error with an invalid billing project.""" @@ -6901,3 +6927,3918 @@ def test_post_htmx_api_error_remove_member(self): # No messages messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 0) + + +class CombinedConsortiumDataWorkspaceSharingAuditTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceSharingAudit view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:all", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAudit.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url()) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url(), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url()) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_context_audit_results_no_workspaces(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 0) + + def test_context_audit_results_one_workspace(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(workspace, audit_results.queryset) + + def test_context_audit_results_two_workspaces(self): + """The audit_results exists in the context.""" + workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 2) + self.assertIn(workspace_1, audit_results.queryset) + self.assertIn(workspace_2, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_verified_table_no_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_reader(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_writer_with_compute(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_owner(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_stop_sharing(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + # Change upload workspace end dates so it's in the past. + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.localdate() - timedelta(days=1), + ) + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Share with the auth domain to prevent that audit result. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_stop_sharing(self): + """error_table shows a record when an audit error is detected.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.workspace)) + self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceSharingAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceSharingAuditByWorkspace view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:by_workspace", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAuditByWorkspace.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar"), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_invalid_billing_project_name(self): + """Raises a 404 error with an invalid object billing project.""" + request = self.factory.get(self.get_url("foo", self.workspace.workspace.name)) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug="foo", + workspace_slug=self.workspace.workspace.name, + ) + + def test_invalid_workspace_name(self): + """Raises a 404 error with an invalid workspace name.""" + request = self.factory.get(self.get_url(self.workspace.workspace.billing_project.name, "foo")) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug=self.workspace.workspace.billing_project.name, + workspace_slug="foo", + ) + + def test_context_audit_results(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(self.workspace, audit_results.queryset) + + def test_context_audit_results_does_not_include_other_workspaces(self): + """The audit_results does not include other workspaces.""" + other_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + audit_results = response.context_data["audit_results"] + self.assertEqual(audit_results.queryset.count(), 1) + self.assertNotIn(other_workspace, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + self.workspace.date_completed = timezone.now() - timedelta(days=1) + self.workspace.save() + group = self.workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_verified_table_no_access(self): + """verified_table shows a record when audit has verified no access.""" + group = self.workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_reader(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + self.workspace.date_completed = timezone.now() - timedelta(days=1) + self.workspace.save() + group = self.workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_writer_with_compute(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_owner(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_stop_sharing(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + # Change upload workspace end dates so it's in the past. + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.workspace.date_completed = timezone.localdate() - timedelta(days=1) + self.workspace.save() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Share with the auth domain to prevent that audit result. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=self.workspace.workspace.authorization_domains.first(), + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_stop_sharing(self): + """error_table shows a record when an audit error is detected.""" + group = acm_factories.ManagedGroupFactory.create() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + # self.assertContains(response, str(self.workspace)) + self.assertIn(str(self.workspace), response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceSharingAuditResolveTest(AnVILAPIMockTestMixin, TestCase): + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_EDIT_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:resolve", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAuditResolve.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar", "foobar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar", "foobar"), + ) + + def test_status_code_with_user_permission_staff_edit(self): + """Returns successful response code if the user has staff edit permission.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + + def test_status_code_with_user_permission_staff_view(self): + """Returns 403 response code if the user has staff view permission.""" + user_view = User.objects.create_user(username="test-view", password="test-view") + user_view.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.client.force_login(self.user) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_view + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_status_code_with_user_permission_view(self): + """Returns forbidden response code if the user has view permission.""" + user = User.objects.create_user(username="test-none", password="test-none") + user.user_permissions.add(Permission.objects.get(codename=AnVILProjectManagerAccess.VIEW_PERMISSION_CODENAME)) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_get_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_group_does_not_exist(self): + """get request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_get_context_audit_result(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + self.assertIsInstance( + response.context_data["audit_result"], + workspace_sharing_audit_results.WorkspaceSharingAuditResult, + ) + + def test_get_verified_shared(self): + """Get request with VerifiedShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + + def test_get_verified_not_shared(self): + """Get request with VerifiedNotShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP + ) + + def test_get_share_as_reader(self): + """Get request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + + def test_get_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_get_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + + def test_get_stop_sharing(self): + """Get request with StopSharing result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP + ) + + def test_post_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_group_does_not_exist(self): + """post request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_post_verified_shared(self): + """Post request with VerifiedShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertEqual(sharing.modified, date_created) + + def test_post_verified_not_shared(self): + """Post request with VerifiedNotShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_new_share_as_reader(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_new_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_stop_sharing(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_update_share_as_reader(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_update_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_update_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_reader_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_new_share_with_compute_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_owner_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_stop_sharing_htmx(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_update_share_as_reader_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_update_share_with_compute_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_update_share_as_owner_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_reader_api_error(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_with_compute_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_as_owner_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_stop_sharing_api_error(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_as_reader_api_error(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_with_compute_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_as_owner_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + match=[responses.matchers.json_params_matcher(acls)], + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_as_reader_api_error_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_share_with_compute_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_share_as_owner_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_stop_sharing_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_as_reader_api_error_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_with_compute_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_as_owner_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + match=[responses.matchers.json_params_matcher(acls)], + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceAuthDomainAudit view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:all", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAudit.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url()) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url(), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url()) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_context_audit_results_no_workspaces(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 0) + + def test_context_audit_results_one_workspace(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(workspace, audit_results.queryset) + + def test_context_audit_results_two_workspaces(self): + """The audit_results exists in the context.""" + workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 2) + self.assertIn(workspace_1, audit_results.queryset) + self.assertIn(workspace_2, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_member(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_admin(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_remove(self): + """error table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_errors_table_change_to_member(self): + """errors table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_change_to_admin(self): + """error table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.workspace)) + self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:by_workspace", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + + "?next=" + + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_invalid_billing_project_name(self): + """Raises a 404 error with an invalid object billing project.""" + request = self.factory.get(self.get_url("foo", self.workspace.workspace.name)) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug="foo", + workspace_slug=self.workspace.workspace.name, + ) + + def test_invalid_workspace_name(self): + """Raises a 404 error with an invalid workspace name.""" + request = self.factory.get(self.get_url(self.workspace.workspace.billing_project.name, "foo")) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug=self.workspace.workspace.billing_project.name, + workspace_slug="foo", + ) + + def test_context_audit_results(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(self.workspace, audit_results.queryset) + + def test_context_audit_results_does_not_include_other_workspaces(self): + """The audit_results does not include other workspaces.""" + other_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + audit_results = response.context_data["audit_results"] + self.assertEqual(audit_results.queryset.count(), 1) + self.assertNotIn(other_workspace, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_member(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_admin(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_remove(self): + """error table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_errors_table_change_to_member(self): + """errors table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_change_to_admin(self): + """error table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertContains(response, str(self.workspace)) + # self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditResolveTest(AnVILAPIMockTestMixin, TestCase): + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_EDIT_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:resolve", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAuditResolve.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar", "foobar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar", "foobar"), + ) + + def test_status_code_with_user_permission_staff_edit(self): + """Returns successful response code if the user has staff edit permission.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + + def test_status_code_with_user_permission_staff_view(self): + """Returns 403 response code if the user has staff view permission.""" + user_view = User.objects.create_user(username="test-view", password="test-view") + user_view.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.client.force_login(self.user) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_view + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_status_code_with_user_permission_view(self): + """Returns forbidden response code if the user has view permission.""" + user = User.objects.create_user(username="test-none", password="test-none") + user.user_permissions.add(Permission.objects.get(codename=AnVILProjectManagerAccess.VIEW_PERMISSION_CODENAME)) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_get_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_group_does_not_exist(self): + """get request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_get_context_audit_result(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + self.assertIsInstance( + response.context_data["audit_result"], + workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult, + ) + + def test_get_verified_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_verified_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_verified_not_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_get_add_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_add_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_change_to_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_change_to_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_remove(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.Remove) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_post_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_group_does_not_exist(self): + """post request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_post_verified_member(self): + """Get request with VerifiedMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_admin(self): + """Get request with VerifiedAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_not_member(self): + """Get request with VerifiedNotMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_change_to_member(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_change_to_admin(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_verified_member_htmx(self): + """Get request with VerifiedMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_admin_htmx(self): + """Get request with VerifiedAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_not_member_htmx(self): + """Get request with VerifiedNotMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_add_member_htmx(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_add_admin_htmx(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_change_to_member_htmx(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_change_to_admin_htmx(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_remove_admin_htmx(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_remove_member_htmx(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_api_error_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_member_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_member_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_admin_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_admin_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_htmx_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_member_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_member_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_admin_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_admin_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) diff --git a/gregor_django/gregor_anvil/urls.py b/gregor_django/gregor_anvil/urls.py index c65a5893..6e7e7939 100644 --- a/gregor_django/gregor_anvil/urls.py +++ b/gregor_django/gregor_anvil/urls.py @@ -98,9 +98,53 @@ "upload_workspaces", ) +combined_workspace_sharing_audit_patterns = ( + [ + path("all/", views.CombinedConsortiumDataWorkspaceSharingAudit.as_view(), name="all"), + path( + "resolve////", + views.CombinedConsortiumDataWorkspaceSharingAuditResolve.as_view(), + name="resolve", + ), + path( + "//", + views.CombinedConsortiumDataWorkspaceSharingAuditByWorkspace.as_view(), + name="by_workspace", + ), + ], + "sharing", +) + +combined_workspace_auth_domain_audit_patterns = ( + [ + path("all/", views.CombinedConsortiumDataWorkspaceAuthDomainAudit.as_view(), name="all"), + path( + "resolve////", + views.CombinedConsortiumDataWorkspaceAuthDomainAuditResolve.as_view(), + name="resolve", + ), + path( + "//", + views.CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace.as_view(), + name="by_workspace", + ), + ], + "auth_domains", +) + +combined_workspace_audit_patterns = ( + [ + path("sharing/", include(combined_workspace_sharing_audit_patterns)), + path("auth_domain/", include(combined_workspace_auth_domain_audit_patterns)), + ], + "combined_workspaces", +) + + audit_patterns = ( [ path("upload_workspaces/", include(upload_workspace_audit_patterns)), + path("combined_workspaces/", include(combined_workspace_audit_patterns)), ], "audit", ) diff --git a/gregor_django/gregor_anvil/viewmixins.py b/gregor_django/gregor_anvil/viewmixins.py new file mode 100644 index 00000000..37d2c48b --- /dev/null +++ b/gregor_django/gregor_anvil/viewmixins.py @@ -0,0 +1,80 @@ +from anvil_consortium_manager.anvil_api import AnVILAPIError +from anvil_consortium_manager.exceptions import AnVILGroupNotFound +from anvil_consortium_manager.models import ( + ManagedGroup, +) +from django.contrib import messages +from django.db import transaction +from django.http import Http404, HttpResponse + + +class AuditMixin: + """Mixin to assist with auditing views.""" + + def run_audit(self): + raise NotImplementedError("AuditMixin.run_audit() must be implemented in a subclass") + + def get_context_data(self, **kwargs): + """Run the audit and add it to the context.""" + context = super().get_context_data(**kwargs) + # Run the audit. + audit_results = self.run_audit() + context["verified_table"] = audit_results.get_verified_table() + context["errors_table"] = audit_results.get_errors_table() + context["needs_action_table"] = audit_results.get_needs_action_table() + context["audit_results"] = audit_results + return context + + +class AuditResolveMixin: + """Mixin to assist with audit resolution views.""" + + def get_workspace_data_object(self): + raise NotImplementedError("AuditResolveMixin.get_workspace_data_object() must be implemented in a subclass") + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context["workspace_data_object"] = self.workspace_data_object + context["managed_group"] = self.managed_group + context["audit_result"] = self.audit_result + return context + + def get_managed_group(self, queryset=None): + """Look up the ManagedGroup by name.""" + try: + obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) + except ManagedGroup.DoesNotExist: + raise Http404("No ManagedGroups found matching the query") + return obj + + def get(self, request, *args, **kwargs): + self.workspace_data_object = self.get_workspace_data_object() + self.managed_group = self.get_managed_group() + self.audit_result = self.get_audit_result() + return super().get(request, *args, **kwargs) + + def post(self, request, *args, **kwargs): + self.workspace_data_object = self.get_workspace_data_object() + self.managed_group = self.get_managed_group() + self.audit_result = self.get_audit_result() + return super().post(request, *args, **kwargs) + + def form_valid(self, form): + # Handle the result. + try: + with transaction.atomic(): + self.audit_result.handle() + except (AnVILAPIError, AnVILGroupNotFound) as e: + if self.request.htmx: + return HttpResponse(self.htmx_error) + else: + messages.error(self.request, "AnVIL API Error: " + str(e)) + return super().form_invalid(form) + # Otherwise, the audit resolution succeeded. + if self.request.htmx: + return HttpResponse(self.htmx_success) + else: + return super().form_valid(form) + + def get_success_url(self): + return self.workspace_data_object.get_absolute_url() diff --git a/gregor_django/gregor_anvil/views.py b/gregor_django/gregor_anvil/views.py index 8b43b389..0b138be3 100644 --- a/gregor_django/gregor_anvil/views.py +++ b/gregor_django/gregor_anvil/views.py @@ -1,31 +1,27 @@ -from anvil_consortium_manager.anvil_api import AnVILAPIError from anvil_consortium_manager.auth import ( AnVILConsortiumManagerStaffEditRequired, AnVILConsortiumManagerStaffViewRequired, ) -from anvil_consortium_manager.exceptions import AnVILGroupNotFound from anvil_consortium_manager.models import ( Account, - GroupGroupMembership, - ManagedGroup, Workspace, - WorkspaceGroupSharing, ) -from django.contrib import messages from django.contrib.auth import get_user_model from django.contrib.messages.views import SuccessMessageMixin -from django.db import transaction from django.db.models import Count, Q from django.forms import Form -from django.http import Http404, HttpResponse +from django.http import Http404 from django.utils.translation import gettext_lazy as _ from django.views.generic import CreateView, DetailView, FormView, TemplateView, UpdateView from django_tables2 import MultiTableMixin, SingleTableView from gregor_django.users.tables import UserTable -from . import forms, models, tables -from .audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from . import forms, models, tables, viewmixins +from .audit import ( + combined_workspace_audit, + upload_workspace_audit, +) User = get_user_model() @@ -188,24 +184,20 @@ def get_context_data(self, **kwargs): return context -class UploadWorkspaceSharingAudit(AnVILConsortiumManagerStaffViewRequired, TemplateView): +class UploadWorkspaceSharingAudit(AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView): """View to audit UploadWorkspace sharing for all UploadWorkspaces.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditByWorkspace(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceSharingAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" @@ -229,21 +221,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=self.model.objects.filter(pk=self.object.pk) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditByUploadCycle(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceSharingAuditByUploadCycle( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" @@ -263,21 +251,18 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) + def run_audit(self, **kwargs): # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(upload_cycle=self.object) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditResolve(AnVILConsortiumManagerStaffEditRequired, FormView): +class UploadWorkspaceSharingAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): """View to resolve UploadWorkspace audit results.""" form_class = Form @@ -285,7 +270,7 @@ class UploadWorkspaceSharingAuditResolve(AnVILConsortiumManagerStaffEditRequired htmx_success = """ Handled!""" htmx_error = """ Error!""" - def get_upload_workspace(self): + def get_workspace_data_object(self): """Look up the UploadWorkspace by billing project and name.""" # Filter the queryset based on kwargs. billing_project_slug = self.kwargs.get("billing_project_slug", None) @@ -303,112 +288,29 @@ def get_upload_workspace(self): ) return obj - def get_managed_group(self, queryset=None): - """Look up the ManagedGroup by name.""" - try: - obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) - except ManagedGroup.DoesNotExist: - raise Http404("No ManagedGroups found matching the query") - return obj - def get_audit_result(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() # No way to set the group queryset, since it is dynamically determined by the workspace. - audit.audit_workspace_and_group(self.upload_workspace, self.managed_group) + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) # Set to completed, because we are just running this one specific check. audit.completed = True return audit.get_all_results()[0] - def get(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().get(request, *args, **kwargs) - def post(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().post(request, *args, **kwargs) - - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - context["upload_workspace"] = self.upload_workspace - context["managed_group"] = self.managed_group - context["audit_result"] = self.audit_result - return context - - def get_success_url(self): - return self.upload_workspace.get_absolute_url() - - def form_valid(self, form): - # Handle the result. - try: - # Set up the sharing instance. - if self.audit_result.current_sharing_instance: - sharing = self.audit_result.current_sharing_instance - else: - sharing = WorkspaceGroupSharing( - workspace=self.upload_workspace.workspace, - group=self.managed_group, - ) - with transaction.atomic(): - if isinstance(self.audit_result, upload_workspace_sharing_audit.VerifiedShared): - # No changes needed. - pass - elif isinstance(self.audit_result, upload_workspace_sharing_audit.VerifiedNotShared): - # No changes needed. - pass - elif isinstance(self.audit_result, upload_workspace_sharing_audit.StopSharing): - sharing.anvil_delete() - sharing.delete() - else: - if isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsReader): - sharing.access = WorkspaceGroupSharing.READER - sharing.can_compute = False - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsWriter): - sharing.access = WorkspaceGroupSharing.WRITER - sharing.can_compute = False - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareWithCompute): - sharing.access = WorkspaceGroupSharing.WRITER - sharing.can_compute = True - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsOwner): - sharing.access = WorkspaceGroupSharing.OWNER - sharing.can_compute = True - sharing.full_clean() - sharing.save() - sharing.anvil_create_or_update() - except (AnVILAPIError, AnVILGroupNotFound) as e: - if self.request.htmx: - return HttpResponse(self.htmx_error) - else: - messages.error(self.request, "AnVIL API Error: " + str(e)) - return super().form_invalid(form) - # Otherwise, the audit resolution succeeded. - if self.request.htmx: - return HttpResponse(self.htmx_success) - else: - return super().form_valid(form) - - -class UploadWorkspaceAuthDomainAudit(AnVILConsortiumManagerStaffViewRequired, TemplateView): +class UploadWorkspaceAuthDomainAudit(AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView): """View to audit UploadWorkspace auth domain membership for all UploadWorkspaces.""" - template_name = "gregor_anvil/upload_workspace_sharing_audit.html" + template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + def run_audit(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditByWorkspace(AnVILConsortiumManagerStaffEditRequired, DetailView): +class UploadWorkspaceAuthDomainAuditByWorkspace( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" @@ -432,21 +334,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + def run_audit(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=self.model.objects.filter(pk=self.object.pk) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditByUploadCycle(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceAuthDomainAuditByUploadCycle( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" @@ -466,21 +364,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(upload_cycle=self.object) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditResolve(AnVILConsortiumManagerStaffEditRequired, FormView): +class UploadWorkspaceAuthDomainAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): """View to resolve UploadWorkspace auth domain audit results.""" form_class = Form @@ -488,7 +382,7 @@ class UploadWorkspaceAuthDomainAuditResolve(AnVILConsortiumManagerStaffEditRequi htmx_success = """ Handled!""" htmx_error = """ Error!""" - def get_upload_workspace(self): + def get_workspace_data_object(self): """Look up the UploadWorkspace by billing project and name.""" # Filter the queryset based on kwargs. billing_project_slug = self.kwargs.get("billing_project_slug", None) @@ -506,89 +400,179 @@ def get_upload_workspace(self): ) return obj - def get_managed_group(self, queryset=None): - """Look up the ManagedGroup by name.""" + def get_audit_result(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() + # No way to set the group queryset, since it is dynamically determined by the workspace. + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) + # Set to completed, because we are just running this one specific check. + audit.completed = True + return audit.get_all_results()[0] + + +class CombinedConsortiumDataWorkspaceSharingAudit( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView +): + """View to audit CombinedConsortiumDataWorkspace sharing for all CombinedConsortiumDataWorkspacs.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html" + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceSharingAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): + """View to audit CombinedConsortiumDataWorkspace sharing for a specific CombinedConsortiumDataWorkspace.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html" + model = models.CombinedConsortiumDataWorkspace + + def get_object(self, queryset=None): + """Look up the workspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) + try: + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=self.model.objects.filter(pk=self.object.pk) + ) + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceSharingAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): + """View to resolve CombinedConsortiumDataWorkspace audit results.""" + + form_class = Form + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html" + htmx_success = """ Handled!""" + htmx_error = """ Error!""" + + def get_workspace_data_object(self): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) try: - obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) - except ManagedGroup.DoesNotExist: - raise Http404("No ManagedGroups found matching the query") + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) return obj def get_audit_result(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() # No way to set the group queryset, since it is dynamically determined by the workspace. - audit.audit_workspace_and_group(self.upload_workspace, self.managed_group) + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) # Set to completed, because we are just running this one specific check. audit.completed = True return audit.get_all_results()[0] - def get(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().get(request, *args, **kwargs) - def post(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().post(request, *args, **kwargs) +class CombinedConsortiumDataWorkspaceAuthDomainAudit( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView +): + """View to audit auth domain membership for all CombinedConsortiumDataWorkspaces.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html" + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + return audit - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - context["upload_workspace"] = self.upload_workspace - context["managed_group"] = self.managed_group - context["audit_result"] = self.audit_result - return context - def get_success_url(self): - return self.upload_workspace.get_absolute_url() +class CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): + """View to audit auth domain membership for a specific CombinedConsortiumDataWorkspace.""" - def form_valid(self, form): - # Handle the result. + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html" + model = models.CombinedConsortiumDataWorkspace + + def get_object(self, queryset=None): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) try: - with transaction.atomic(): - # Set up the membership instance. - if self.audit_result.current_membership_instance: - membership = self.audit_result.current_membership_instance - else: - membership = GroupGroupMembership( - parent_group=self.upload_workspace.workspace.authorization_domains.first(), - child_group=self.managed_group, - ) - # Now process the result. - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedMember): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedAdmin): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedNotMember): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.Remove): - membership.anvil_delete() - membership.delete() - else: - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.ChangeToMember): - membership.anvil_delete() - membership.role = GroupGroupMembership.MEMBER - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.ChangeToAdmin): - membership.anvil_delete() - membership.role = GroupGroupMembership.ADMIN - else: - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.AddMember): - membership.role = GroupGroupMembership.MEMBER - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.AddAdmin): - membership.role = GroupGroupMembership.ADMIN - membership.full_clean() - membership.save() - membership.anvil_create() - except (AnVILAPIError, AnVILGroupNotFound) as e: - if self.request.htmx: - return HttpResponse(self.htmx_error) - else: - messages.error(self.request, "AnVIL API Error: " + str(e)) - return super().form_invalid(form) - # Otherwise, the audit resolution succeeded. - if self.request.htmx: - return HttpResponse(self.htmx_success) - else: - return super().form_valid(form) + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def run_audit(self, **kwargs): + # Run the audit. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=self.model.objects.filter(pk=self.object.pk) + ) + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): + """View to resolve UploadWorkspace auth domain audit results.""" + + form_class = Form + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html" + htmx_success = """ Handled!""" + htmx_error = """ Error!""" + + def get_workspace_data_object(self): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) + try: + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def get_audit_result(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + # No way to set the group queryset, since it is dynamically determined by the workspace. + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) + # Set to completed, because we are just running this one specific check. + audit.completed = True + return audit.get_all_results()[0] diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html new file mode 100644 index 00000000..b6472dcc --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html @@ -0,0 +1,25 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} + +{% block title %}Combined workspace auth domain audit{% endblock %} + + +{% block content %} + +

Combined consortium data workspace auth domain audit: {% if object %} {{ object }} {% else %} all Combined Workspaces{% endif %}

+ +
+

+ When auditing combined workspace auth domain membership, + all records in the "Needs action" table should be handled by clicking on the action button. + Any records in the "Errors" table should be reported. +

+ {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html" %} + +
+ +

Audit results

+ +{% include "__audit_tables.html" with verified_table=verified_table needs_action_table=needs_action_table errors_table=errors_table %} + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html new file mode 100644 index 00000000..0a506c47 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html @@ -0,0 +1,44 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} +{% load crispy_forms_tags %} + +{% block title %}Resolve combined workspace audit{% endblock %} + + +{% block content %} + +

Resolve combined workspace auth domain audit

+ +
+ + + {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html" %} + +
+ +

Audit results

+ + +
+
+
Result
+

{{ audit_result }}

+ {% if audit_result.action %} +
+ + {% csrf_token %} + {{ form|crispy }} + + +
+ {% else %} + + {% endif %} +
+
+ + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html index 48832960..6727465a 100644 --- a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html @@ -10,15 +10,15 @@ {% block action_buttons %} - {% if show_edit_links %} - {% if object.authorization_domains.first %}

- Share with auth domain -

- {% else %} -

no auth domain

- {% endif %} + + Audit consortium sharing + + + Audit auth domain membership + +

{% endif %} {{ block.super }} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html new file mode 100644 index 00000000..211f93f4 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html @@ -0,0 +1,25 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} + +{% block title %}Combined workspace sharing audit{% endblock %} + + +{% block content %} + +

Combined workspace sharing audit: {% if object %}{{ object }}{% else %} all Combined Workspaces{% endif %}

+ +
+

+ Auditing workspace sharing for {{ object }}. + All records in the "Needs action" table should be handled by clicking on the action button. + Any records in the "Errors" table should be reported. +

+ {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html" %} + +
+ +

Audit results

+ +{% include "__audit_tables.html" with verified_table=verified_table needs_action_table=needs_action_table errors_table=errors_table %} + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html new file mode 100644 index 00000000..a7ddb739 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html @@ -0,0 +1,44 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} +{% load crispy_forms_tags %} + +{% block title %}Resolve combined workspace audit{% endblock %} + + +{% block content %} + +

Resolve combined workspace sharing audit

+ +
+ + + {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html" %} + +
+ +

Audit results

+ + +
+
+
Result
+

{{ audit_result }}

+ {% if audit_result.action %} +
+ + {% csrf_token %} + {{ form|crispy }} + + +
+ {% else %} + + {% endif %} +
+
+ + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html new file mode 100644 index 00000000..94e5e134 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html @@ -0,0 +1,22 @@ +
+ {% if record.action %} +
+ + {% csrf_token %} + +
+ + {% else %} + — + {% endif %} +
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html new file mode 100644 index 00000000..32c7632d --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html @@ -0,0 +1,25 @@ +
+
+

+ +

+
+
+ +

+ This audit checks that auth domain membership is appropriate for the current point in the upload cycle. + Membership is expected to be as follows. +

    +
  • GREGOR_ALL
    • +
  • GREGOR_DCC_ADMINS (as admin)
    • +
+ Note that groups associated with AnVIL (e.g., anvil-admins, anvil-devs) are ignored by the audit. +

+ +

Any errors should be reported!

+
+
+
+
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html new file mode 100644 index 00000000..0e36afb8 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html @@ -0,0 +1,22 @@ +
+ {% if record.action %} +
+ + {% csrf_token %} + +
+ + {% else %} + — + {% endif %} +
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html new file mode 100644 index 00000000..5c1b9f0e --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html @@ -0,0 +1,48 @@ +
+
+

+ +

+
+
+ +

+ This audit checks that workspace sharing is appropriate for the current point in the upload cycle. + Sharing with the following groups are checked: +

    +
  • The authorization domain of the workspace
    • +
  • GREGOR_DCC_ADMINS
    • +
  • GREGOR_DCC_WRITERS
    • +
  • GREGOR_DCC_MEMBERS
    • +
  • Any additional groups that the workspace is shared with
    • +
+ Note that groups associated with AnVIL (e.g., anvil-admins, anvil-devs) are ignored by the audit. +

+

The audit result categories are explained below. +

    + +
  • Verified includes the following:
    • +
      +
    • The workspace is shared with a group with appropriate permissions.
      • +
    • The workspace is not shared with a group that it should not be shared with.
      • +
    + +
  • Needs action includes the following:
    • +
      +
    • The access level for a specific group needs to be changed.
      • +
    + +
  • Errors
    • +
      +
    • The workspace has been shared with an unexpected group.
      • +
    • A group other than the DCC admins group is an owner of the workspace.
      • +
    +
+

+

Any errors should be reported!

+
+
+
+
diff --git a/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html index 1e0437e9..1f101cbc 100644 --- a/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html +++ b/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html @@ -2,13 +2,13 @@ {% if record.action %}
+ action="{% url 'gregor_anvil:audit:upload_workspaces:auth_domains:resolve' record.workspace.billing_project.name record.workspace.name record.managed_group.name %}"> {% csrf_token %}