diff --git a/add_upload_workspace_audit_test_data.py b/add_upload_cycle_audit_test_data.py similarity index 85% rename from add_upload_workspace_audit_test_data.py rename to add_upload_cycle_audit_test_data.py index 704c19de..ded2a130 100644 --- a/add_upload_workspace_audit_test_data.py +++ b/add_upload_cycle_audit_test_data.py @@ -17,6 +17,7 @@ rc_1_uploader_group = ManagedGroupFactory(name="DEMO_RC1_UPLOADERS") rc_1_nonmember_group = ManagedGroupFactory(name="DEMO_RC1_NONMEMBERS") gregor_all_group = ManagedGroupFactory(name="GREGOR_ALL") +combined_auth_domain = ManagedGroupFactory(name="AUTH_GREGOR_COMBINED") # Create an RC rc = factories.ResearchCenterFactory.create( @@ -27,8 +28,20 @@ non_member_group=rc_1_nonmember_group, ) +# Add GREGOR_ALL and DCC_ADMINS to the combined auth domain. +GroupGroupMembershipFactory.create( + parent_group=combined_auth_domain, + child_group=gregor_all_group, + role=GroupGroupMembership.MEMBER, +) +GroupGroupMembershipFactory.create( + parent_group=combined_auth_domain, + child_group=dcc_admin_group, + role=GroupGroupMembership.ADMIN, +) -# Create a future upload cycle. + +## Future upload cycle. upload_cycle = factories.UploadCycleFactory.create( cycle=1, is_future=True, @@ -39,7 +52,7 @@ workspace__name="TEST_U01_RC1", ) -# Create a current upload cycle before compute. +## Current upload cycle before compute. upload_cycle = factories.UploadCycleFactory.create( cycle=2, is_current=True, @@ -111,7 +124,7 @@ ) -# Create a current upload cycle after compute. +## Current upload cycle after compute. upload_cycle = factories.UploadCycleFactory.create( cycle=3, is_current=True, @@ -256,7 +269,7 @@ role=GroupGroupMembership.ADMIN, ) -# Create a past upload cycle after QC is completed. +## Past upload cycle after QC is completed; combined workspace is not complete. upload_cycle = factories.UploadCycleFactory.create( cycle=5, is_past=True, @@ -320,8 +333,18 @@ child_group=dcc_admin_group, role=GroupGroupMembership.ADMIN, ) +# Create the combined workspace and its records. +combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle=upload_cycle, + workspace__name="TEST_U05_COMBINED", +) +# Delete the auth domain created by the factory and add the shared auth domain. +combined_workspace.workspace.authorization_domains.clear() +combined_workspace.workspace.authorization_domains.add(combined_auth_domain) +# No sharing records yet. + -# Create a past upload cycle with a combined workspace. +## Past upload cycle with a combined workspace. upload_cycle = factories.UploadCycleFactory.create( cycle=6, is_past=True, @@ -332,11 +355,6 @@ workspace__name="TEST_U06_RC1", date_qc_completed=timezone.now(), ) -factories.CombinedConsortiumDataWorkspaceFactory.create( - upload_cycle=upload_cycle, - date_completed=timezone.now(), - workspace__name="TEST_U06_COMBINED", -) # Create records as appropriate for the previous point in the cycle - past cycle before QC complete. # Auth domain. WorkspaceGroupSharingFactory.create( @@ -383,3 +401,31 @@ child_group=dcc_admin_group, role=GroupGroupMembership.ADMIN, ) +# Create the combined workspace and its records. +combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle=upload_cycle, + date_completed=timezone.now(), + workspace__name="TEST_U06_COMBINED", +) +# Delete the auth domain created by the factory and add the shared auth domain. +combined_workspace.workspace.authorization_domains.clear() +combined_workspace.workspace.authorization_domains.add(combined_auth_domain) +# Add sharing records from previous step - DCC admins, writers, and members. +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_admin_group, + access=WorkspaceGroupSharing.OWNER, + can_compute=True, +) +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, +) +WorkspaceGroupSharingFactory.create( + workspace=combined_workspace.workspace, + group=dcc_member_group, + access=WorkspaceGroupSharing.READER, + can_compute=False, +) diff --git a/gregor_apps.cron b/gregor_apps.cron index d857f24c..2be3d68f 100644 --- a/gregor_apps.cron +++ b/gregor_apps.cron @@ -13,3 +13,6 @@ MAILTO="gregorweb@uw.edu" # Nightly upload workspace audit 0 3 * * * . /var/www/django/gregor_apps/gregor-apps-activate.sh; python manage.py run_upload_workspace_audit --email gregorweb@uw.edu >> cron.log + +# Nightly combined workspace audit +0 3 * * * . /var/www/django/gregor_apps/gregor-apps-activate.sh; python manage.py run_combined_workspace_audit --email gregorweb@uw.edu >> cron.log diff --git a/gregor_django/gregor_anvil/audit/combined_workspace_audit.py b/gregor_django/gregor_anvil/audit/combined_workspace_audit.py new file mode 100644 index 00000000..05a8e7fc --- /dev/null +++ b/gregor_django/gregor_anvil/audit/combined_workspace_audit.py @@ -0,0 +1,376 @@ +import django_tables2 as tables +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, WorkspaceGroupSharing +from django.conf import settings +from django.db.models import Q, QuerySet + +from ..models import CombinedConsortiumDataWorkspace +from ..tables import BooleanIconColumn +from . import workspace_auth_domain_audit_results, workspace_sharing_audit_results +from .base import GREGoRAudit + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditTable(tables.Table): + """A table to display the audit results of the sharing of a combined consortium data workspace.""" + + workspace = tables.Column(verbose_name="Workspace") + managed_group = tables.Column(verbose_name="Group") + role = tables.Column(verbose_name="Current role") + note = tables.Column() + action = tables.TemplateColumn( + # Temporarily use this button template, until we have the resolve view working for this workspace type. + template_name="gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class CombinedConsortiumDataWorkspaceAuthDomainAudit(GREGoRAudit): + results_table_class = CombinedConsortiumDataWorkspaceAuthDomainAuditTable + + DCC_ADMIN_AS_ADMIN = "The DCC admins group should always be an admin." + GREGOR_ALL_AS_MEMBER = "The GREGOR_ALL group should always be a member." + OTHER_GROUP = "This group should not have access to this workspace." + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = CombinedConsortiumDataWorkspace.objects.all() + elif not (isinstance(queryset, QuerySet) and queryset.model == CombinedConsortiumDataWorkspace): + raise ValueError("queryset must be a QuerySet of CombinedConsortiumDataWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_combined_workspace(workspace) + + def _get_current_membership(self, combined_workspace, managed_group): + try: + current_membership = GroupGroupMembership.objects.get( + parent_group=combined_workspace.workspace.authorization_domains.first(), child_group=managed_group + ) + except GroupGroupMembership.DoesNotExist: + current_membership = None + return current_membership + + def audit_combined_workspace(self, combined_workspace): + """Audit the auth domain membership of a single CombinedWorkspace.""" + group_names = [ + "GREGOR_ALL", + settings.ANVIL_DCC_ADMINS_GROUP_NAME, + ] + groups_to_audit = ManagedGroup.objects.filter( + # Specific groups to include. + Q(name__in=group_names) + | + # Any other groups that are members. + Q(parent_memberships__parent_group=combined_workspace.workspace.authorization_domains.first()) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(combined_workspace, group) + + def audit_workspace_and_group(self, combined_workspace, managed_group): + if managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_ALL": + self._audit_workspace_and_gregor_all_group(combined_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_workspace_and_anvil_group(combined_workspace, managed_group) + else: + self._audit_workspace_and_other_group(combined_workspace, managed_group) + + def _audit_workspace_and_dcc_admin_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the DCC admins group. + + Expectations: + - Admin at all times. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.DCC_ADMIN_AS_ADMIN, + } + + if current_membership and current_membership.role == GroupGroupMembership.ADMIN: + self.verified.append(workspace_auth_domain_audit_results.VerifiedAdmin(**audit_result_args)) + elif current_membership and current_membership.role == GroupGroupMembership.MEMBER: + self.needs_action.append(workspace_auth_domain_audit_results.ChangeToAdmin(**audit_result_args)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddAdmin(**audit_result_args)) + + def _audit_workspace_and_gregor_all_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the GREGOR_ALL group. + + Expectations: + - Member at all times. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.GREGOR_ALL_AS_MEMBER, + } + + if not current_membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**audit_result_args)) + elif current_membership and current_membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**audit_result_args)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**audit_result_args)) + + def _audit_workspace_and_anvil_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and the AnVIL admins/devs groups. + + We do not want to make any assumptions about the access of these groups.""" + pass + + def _audit_workspace_and_other_group(self, combined_workspace, managed_group): + """Audit the auth domain membership for a specific workspace and any other group. + + Expectations: + - Not a member at any time. + """ + current_membership = self._get_current_membership(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": current_membership, + "note": self.OTHER_GROUP, + } + + if current_membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**audit_result_args)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**audit_result_args)) + + +class CombinedConsortiumDataWorkspaceSharingAuditTable(tables.Table): + """A table to display the audit results of the sharing of a combined consortium data workspace.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + access = tables.Column(verbose_name="Current access") + can_compute = BooleanIconColumn(show_false_icon=True, null=True, true_color="black", false_color="black") + note = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class CombinedConsortiumDataWorkspaceSharingAudit(GREGoRAudit): + """A class to audit the sharing of a combined consortium data workspace.""" + + DCC_ADMIN_AS_OWNER = "DCC Admins should always be a workspace owner." + DCC_WRITERS_BEFORE_COMPLETE = "DCC writers should have write and compute access before the workspace is completed." + DCC_WRITERS_AFTER_COMPLETE = "DCC writers should not have direct access after the workspace is completed." + DCC_MEMBERS_BEFORE_COMPLETE = "DCC members should have read access before the workspace is completed." + DCC_MEMBERS_AFTER_COMPLETE = "DCC members should not have direct access after the workspace is completed." + AUTH_DOMAIN_BEFORE_COMPLETE = "The auth domain should not have access before the workspace is completed." + AUTH_DOMAIN_AFTER_COMPLETE = "The auth domain should have read access after the workspace is completed." + GREGOR_ALL_BEFORE = "This group should not have access to this workspace before it is completed." + GREGOR_ALL_AFTER = "This group should have read access to this workspace after it is completed." + OTHER_GROUP = "This group should not have access to this workspace." + + results_table_class = CombinedConsortiumDataWorkspaceSharingAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = CombinedConsortiumDataWorkspace.objects.all() + elif not (isinstance(queryset, QuerySet) and queryset.model == CombinedConsortiumDataWorkspace): + raise ValueError("queryset must be a QuerySet of CombinedConsortiumDataWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_combined_workspace(workspace) + + def _get_current_sharing(self, upload_workspace, managed_group): + try: + current_sharing = WorkspaceGroupSharing.objects.get( + workspace=upload_workspace.workspace, group=managed_group + ) + except WorkspaceGroupSharing.DoesNotExist: + current_sharing = None + return current_sharing + + def audit_combined_workspace(self, combined_workspace): + """Audit sharing for a specific combined workspace.""" + # raise NotImplementedError("write this.") + # Get a list of managed groups that should be included in this audit. + group_names_to_include = [ + "GREGOR_DCC_MEMBERS", # DCC members + "GREGOR_DCC_WRITERS", # DCC writers + settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins + "anvil-admins", # AnVIL admins + "anvil_devs", # AnVIL devs + ] + groups_to_audit = ManagedGroup.objects.filter( + # Specific groups from above. + Q(name__in=group_names_to_include) + | + # Auth domain. + Q(workspaceauthorizationdomain__workspace=combined_workspace.workspace) + | + # Groups that the workspace is shared with. + Q(workspacegroupsharing__workspace=combined_workspace.workspace) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(combined_workspace, group) + + def audit_workspace_and_group(self, combined_workspace, managed_group): + """Audit sharing for a specific workspace and group.""" + if managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_combined_workspace_and_dcc_writer_group(combined_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_MEMBERS": + self._audit_combined_workspace_and_dcc_member_group(combined_workspace, managed_group) + elif managed_group in combined_workspace.workspace.authorization_domains.all(): + self._audit_combined_workspace_and_auth_domain(combined_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_combined_workspace_and_anvil_group(combined_workspace, managed_group) + else: + self._audit_combined_workspace_and_other_group(combined_workspace, managed_group) + + def _audit_workspace_and_dcc_admin_group(self, combined_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC admin group. + + Sharing expectations: + - Owner access at all times. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + "note": self.DCC_ADMIN_AS_OWNER, + } + + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(**audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.ShareAsOwner(**audit_result_args)) + + def _audit_combined_workspace_and_dcc_writer_group(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and the DCC Writers group. + + Sharing expectations: + - Write+compute access before the workspace is completed. + - No access after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.DCC_WRITERS_BEFORE_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args) + ) + else: + note = self.DCC_WRITERS_AFTER_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_dcc_member_group(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and the DCC members group. + + Sharing expectations: + - Read access before the workspace is completed. + - No access after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.DCC_MEMBERS_BEFORE_COMPLETE + if not current_sharing: + self.needs_action.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + else: + note = self.DCC_MEMBERS_AFTER_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_auth_domain(self, combined_workspace, managed_group): + """Audit access for a specific combined workspace and its auth domain. + + Sharing expectations: + - Not shared before the workspace is completed. + - Read after the workspace is completed. + """ + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not combined_workspace.date_completed: + note = self.AUTH_DOMAIN_BEFORE_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + note = self.AUTH_DOMAIN_AFTER_COMPLETE + if not current_sharing: + self.needs_action.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + + def _audit_combined_workspace_and_anvil_group(self, combined_workspace, managed_group): + pass + + def _audit_combined_workspace_and_other_group(self, combined_workspace, managed_group): + current_sharing = self._get_current_sharing(combined_workspace, managed_group) + audit_result_args = { + "workspace": combined_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + "note": self.OTHER_GROUP, + } + + if current_sharing: + self.errors.append(workspace_sharing_audit_results.StopSharing(**audit_result_args)) + else: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(**audit_result_args)) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_audit.py new file mode 100644 index 00000000..bde9201d --- /dev/null +++ b/gregor_django/gregor_anvil/audit/upload_workspace_audit.py @@ -0,0 +1,782 @@ +import django_tables2 as tables +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, WorkspaceGroupSharing +from django.conf import settings +from django.db.models import Q, QuerySet + +from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace +from ..tables import BooleanIconColumn +from . import workspace_auth_domain_audit_results, workspace_sharing_audit_results +from .base import GREGoRAudit + + +class UploadWorkspaceAuthDomainAuditTable(tables.Table): + """A table to show results from a UploadWorkspaceAuthDomainAudit subclass.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + # is_shared = tables.Column() + role = tables.Column(verbose_name="Current role") + note = tables.Column() + # action = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class UploadWorkspaceAuthDomainAudit(GREGoRAudit): + """A class to hold audit results for the GREGoR UploadWorkspace auth domain audit.""" + + # RC notes. + RC_FUTURE_CYCLE = "RC groups should not be in the auth domain until the upload cycle starts." + RC_UPLOADERS_BEFORE_QC = "RC uploader group should be a member of the auth domain before QC is complete." + RC_UPLOADERS_AFTER_QC = "RC uploader group should not be a member of the auth domain after QC is complete." + RC_MEMBERS_BEFORE_COMBINED = ( + "RC member group should be a member of the auth domain before the combined workspace is complete." + ) + RC_MEMBERS_AFTER_COMBINED = ( + "RC member group should not be a member of the auth domain after the combined workspace is complete." + ) + RC_NON_MEMBERS_AFTER_START = ( + "RC non-member group should be a member of the auth domain for current and past upload cycles." + ) + + # DCC notes. + DCC_ADMINS = "DCC admin group should always be an admin of the auth domain." + DCC_BEFORE_COMBINED = "DCC groups should be a member of the auth domain before the combined workspace is complete." + DCC_AFTER_COMBINED = ( + "DCC groups should not be direct members of the auth domain after the combined workspace is complete." + ) + + # GREGOR_ALL notes. + GREGOR_ALL_BEFORE_COMBINED = "GREGOR_ALL should not have access before the combined workspace is complete." + GREGOR_ALL_AFTER_COMBINED = ( + "GREGOR_ALL should be a member of the auth domain after the combined workspace is complete." + ) + + # Other group notes. + OTHER_GROUP = "This group should not have access to the auth domain." + UNEXPECTED_ADMIN = "Only the DCC admins group should be an admin of the auth domain." + + results_table_class = UploadWorkspaceAuthDomainAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = UploadWorkspace.objects.all() + if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): + raise ValueError("queryset must be a queryset of UploadWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_upload_workspace(workspace) + + def _get_current_membership(self, upload_workspace, managed_group): + try: + current_membership = GroupGroupMembership.objects.get( + parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=managed_group + ) + except GroupGroupMembership.DoesNotExist: + current_membership = None + return current_membership + + def _get_combined_workspace(self, upload_cycle): + """Returns the combined workspace, but only if it is ready for sharing.""" + try: + combined_workspace = CombinedConsortiumDataWorkspace.objects.get( + upload_cycle=upload_cycle, date_completed__isnull=False + ) + except CombinedConsortiumDataWorkspace.DoesNotExist: + combined_workspace = None + return combined_workspace + + def audit_upload_workspace(self, upload_workspace): + """Audit the auth domain membership of a single UploadWorkspace.""" + research_center = upload_workspace.research_center + group_names = [ + "GREGOR_ALL", + "GREGOR_DCC_MEMBERS", + "GREGOR_DCC_WRITERS", + settings.ANVIL_DCC_ADMINS_GROUP_NAME, + ] + groups_to_audit = ManagedGroup.objects.filter( + # RC uploader group. + Q(research_center_of_uploaders=research_center) + | + # RC member group. + Q(research_center_of_members=research_center) + | + # RC non-member group. + Q(research_center_of_non_members=research_center) + | + # Other sepcific groups to include. + Q(name__in=group_names) + | + # Any other groups that are members. + Q(parent_memberships__parent_group=upload_workspace.workspace.authorization_domains.first()) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(upload_workspace, group) + + def audit_workspace_and_group(self, upload_workspace, managed_group): + if managed_group == upload_workspace.research_center.uploader_group: + self._audit_workspace_and_group_for_rc_uploaders(upload_workspace, managed_group) + elif managed_group == upload_workspace.research_center.member_group: + self._audit_workspace_and_group_for_rc_members(upload_workspace, managed_group) + elif managed_group == upload_workspace.research_center.non_member_group: + self._audit_workspace_and_group_for_rc_non_members(upload_workspace, managed_group) + elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_group_for_dcc_admin(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_MEMBERS": + self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_ALL": + self._audit_workspace_and_group_for_gregor_all(upload_workspace, managed_group) + elif managed_group.name == "anvil-admins": + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + elif managed_group.name == "anvil_devs": + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + else: + self._audit_workspace_and_other_group(upload_workspace, managed_group) + + def _audit_workspace_and_group_for_rc_uploaders(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + # Otherwise, proceed with other checks. + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + elif upload_workspace.upload_cycle.is_current: + note = self.RC_UPLOADERS_BEFORE_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + elif upload_workspace.upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.RC_UPLOADERS_BEFORE_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + else: + note = self.RC_UPLOADERS_AFTER_QC + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_rc_members(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + elif not combined_workspace: + note = self.RC_MEMBERS_BEFORE_COMBINED + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + else: + note = self.RC_MEMBERS_AFTER_COMBINED + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_rc_non_members(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + } + + if upload_workspace.upload_cycle.is_future: + note = self.RC_FUTURE_CYCLE + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + elif membership: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(note=note, **result_kwargs)) + else: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(note=note, **result_kwargs)) + else: + note = self.RC_NON_MEMBERS_AFTER_START + if membership and membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(note=note, **result_kwargs)) + elif membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(note=note, **result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(note=note, **result_kwargs)) + + def _audit_workspace_and_group_for_dcc_admin(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + if not membership: + self.needs_action.append( + workspace_auth_domain_audit_results.AddAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + elif membership.role == GroupGroupMembership.ADMIN: + self.verified.append( + workspace_auth_domain_audit_results.VerifiedAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + else: + self.needs_action.append( + workspace_auth_domain_audit_results.ChangeToAdmin( + workspace=upload_workspace.workspace, + managed_group=managed_group, + note=self.DCC_ADMINS, + current_membership_instance=membership, + ) + ) + + def _audit_workspace_and_group_for_dcc(self, upload_workspace, managed_group): + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + membership = self._get_current_membership(upload_workspace, managed_group) + if combined_workspace: + note = self.DCC_AFTER_COMBINED + else: + note = self.DCC_BEFORE_COMBINED + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": note, + } + + if not combined_workspace and not membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**result_kwargs)) + elif not combined_workspace and membership: + if membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**result_kwargs)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**result_kwargs)) + elif combined_workspace and not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif combined_workspace and membership: + if membership.role == GroupGroupMembership.ADMIN: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + else: + self.needs_action.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + + def _audit_workspace_and_group_for_gregor_all(self, upload_workspace, managed_group): + combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) + membership = self._get_current_membership(upload_workspace, managed_group) + if combined_workspace: + note = self.GREGOR_ALL_AFTER_COMBINED + else: + note = self.GREGOR_ALL_BEFORE_COMBINED + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": note, + } + + if not combined_workspace and not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif not combined_workspace and membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + elif combined_workspace and not membership: + self.needs_action.append(workspace_auth_domain_audit_results.AddMember(**result_kwargs)) + elif combined_workspace and membership: + if membership.role == GroupGroupMembership.MEMBER: + self.verified.append(workspace_auth_domain_audit_results.VerifiedMember(**result_kwargs)) + else: + self.errors.append(workspace_auth_domain_audit_results.ChangeToMember(**result_kwargs)) + + def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): + """Ignore the AnVIL groups in this audit. + + We don't want to make assumptions about what access level AnVIL has.""" + pass + + def _audit_workspace_and_other_group(self, upload_workspace, managed_group): + membership = self._get_current_membership(upload_workspace, managed_group) + result_kwargs = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_membership_instance": membership, + "note": self.OTHER_GROUP, + } + + if not membership: + self.verified.append(workspace_auth_domain_audit_results.VerifiedNotMember(**result_kwargs)) + elif membership: + self.errors.append(workspace_auth_domain_audit_results.Remove(**result_kwargs)) + + +class UploadWorkspaceSharingAuditTable(tables.Table): + """A table to show results from a UploadWorkspaceSharingAudit subclass.""" + + workspace = tables.Column(linkify=True) + managed_group = tables.Column(linkify=True) + access = tables.Column(verbose_name="Current access") + can_compute = BooleanIconColumn(show_false_icon=True, null=True, true_color="black", false_color="black") + note = tables.Column() + action = tables.TemplateColumn( + template_name="gregor_anvil/snippets/upload_workspace_sharing_audit_action_button.html" + ) + + class Meta: + attrs = {"class": "table align-middle"} + + +class UploadWorkspaceSharingAudit(GREGoRAudit): + """A class to hold audit results for the GREGoR UploadWorkspace audit.""" + + # RC uploader statues. + RC_UPLOADERS_FUTURE_CYCLE = "Uploaders should not have access to future cycles." + RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE = ( + "Uploaders should have write access before compute is enabled for this upload cycle." + ) + RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE = "Uploaders should have write access with compute for this upload cycle." + RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE = "Uploaders should not have direct access before QC is complete." + RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE = "Uploader group should not have direct access after QC is complete." + RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( + "Uploader group should not have direct access when the combined workspace is ready to share or shared." + ) + + # DCC writer group status. + DCC_WRITERS_FUTURE_CYCLE = "DCC writers should have write and compute access for future cycles." + DCC_WRITERS_CURRENT_CYCLE = "DCC writers should have write and compute access for the current upload cycle." + DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE = ( + "DCC writers should have write and compute access before QC is complete." + ) + DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE = "DCC writers should not have direct access after QC is complete." + DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( + "DCC writers should not have direct access when the combined workspace is ready to share or shared." + ) + + # DCC admin group status. + DCC_ADMIN_AS_OWNER = "The DCC admin group should always be an owner." + + # Auth domain status. + AUTH_DOMAIN_AS_READER = "The auth domain should always be a reader." + + # Other group. + OTHER_GROUP_NO_ACCESS = "Other groups should not have direct access." + + results_table_class = UploadWorkspaceSharingAuditTable + + def __init__(self, queryset=None): + super().__init__() + if queryset is None: + queryset = UploadWorkspace.objects.all() + if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): + raise ValueError("queryset must be a queryset of UploadWorkspace objects.") + self.queryset = queryset + + def _run_audit(self): + for workspace in self.queryset: + self.audit_upload_workspace(workspace) + + def _get_current_sharing(self, upload_workspace, managed_group): + try: + current_sharing = WorkspaceGroupSharing.objects.get( + workspace=upload_workspace.workspace, group=managed_group + ) + except WorkspaceGroupSharing.DoesNotExist: + current_sharing = None + return current_sharing + + def _get_combined_workspace(self, upload_cycle): + """Returns the combined workspace, but only if it is ready for sharing.""" + try: + combined_workspace = CombinedConsortiumDataWorkspace.objects.get( + upload_cycle=upload_cycle, date_completed__isnull=False + ) + except CombinedConsortiumDataWorkspace.DoesNotExist: + combined_workspace = None + return combined_workspace + + def audit_upload_workspace(self, upload_workspace): + """Audit access for a specific UploadWorkspace.""" + # Get a list of managed groups that should be included in this audit. + # This includes the members group for the RC, the DCC groups, GREGOR_ALL, and the auth domain. + research_center = upload_workspace.research_center + group_names_to_include = [ + "GREGOR_DCC_WRITERS", # DCC writers + settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins + "anvil-admins", # AnVIL admins + "anvil_devs", # AnVIL devs + ] + groups_to_audit = ManagedGroup.objects.filter( + # RC uploader group. + Q(research_center_of_uploaders=research_center) + | + # Specific groups from above. + Q(name__in=group_names_to_include) + | + # Auth domain. + Q(workspaceauthorizationdomain__workspace=upload_workspace.workspace) + | + # Groups that the workspace is shared with. + Q(workspacegroupsharing__workspace=upload_workspace.workspace) + ).distinct() + + for group in groups_to_audit: + self.audit_workspace_and_group(upload_workspace, group) + + def audit_workspace_and_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and ManagedGroup.""" + # Check the group type, and then call the appropriate audit method. + if upload_workspace.research_center.uploader_group == managed_group: + self._audit_workspace_and_rc_uploader_group(upload_workspace, managed_group) + elif managed_group.name == "GREGOR_DCC_WRITERS": + self._audit_workspace_and_dcc_writer_group(upload_workspace, managed_group) + elif managed_group in upload_workspace.workspace.authorization_domains.all(): + self._audit_workspace_and_auth_domain(upload_workspace, managed_group) + elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: + self._audit_workspace_and_dcc_admin_group(upload_workspace, managed_group) + elif managed_group.name in ["anvil-admins", "anvil_devs"]: + self._audit_workspace_and_anvil_group(upload_workspace, managed_group) + else: + self._audit_workspace_and_other_group(upload_workspace, managed_group) + + def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): + """Ignore the AnVIL groups in this audit. + + We don't want to make assumptions about what access level AnVIL has.""" + pass + + def _audit_workspace_and_rc_uploader_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and RC uploader group. + + Sharing expectations: + - No access to future upload cycle. + - Write access before compute is enabled for current upload cycle. + - Write+compute access after compute is enabled for current upload cycle. + - Read access to past upload cycle workspaces before QC is completed. + - No access to past upload cycle workspaces after QC is completed (read access via auth domain). + """ + upload_cycle = upload_workspace.upload_cycle + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_cycle) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if upload_cycle.is_future: + note = self.RC_UPLOADERS_FUTURE_CYCLE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_current and not upload_cycle.date_ready_for_compute: + note = self.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareAsWriter(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and not current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.ShareAsWriter(note=note, **audit_result_args)) + elif upload_cycle.is_current and upload_cycle.date_ready_for_compute: + note = self.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append(workspace_sharing_audit_results.VerifiedShared(note=note, **audit_result_args)) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args) + ) + elif upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: + note = self.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif upload_cycle.is_past and combined_workspace: + note = self.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY + if not current_sharing: + self.verified.append(workspace_sharing_audit_results.VerifiedNotShared(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + self.needs_action.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + else: + raise ValueError("No case matched for RC uploader group.") + + def _audit_workspace_and_dcc_writer_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC writer group. + + Sharing expectations: + - Write+compute access to future and current upload cycles. + - Write+compute access to past upload cycles before QC is complete. + - No direct access to past upload cycle workspaces after QC is completed (read access via auth domain). + """ + upload_cycle = upload_workspace.upload_cycle + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + combined_workspace = self._get_combined_workspace(upload_cycle) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if upload_cycle.is_future: + note = self.DCC_WRITERS_FUTURE_CYCLE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_current: + note = self.DCC_WRITERS_CURRENT_CYCLE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and not upload_workspace.date_qc_completed: + note = self.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareWithCompute(note=note, **audit_result_args)) + elif ( + current_sharing + and current_sharing.access == WorkspaceGroupSharing.WRITER + and current_sharing.can_compute + ): + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareWithCompute( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: + note = self.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.StopSharing( + note=note, + **audit_result_args, + ) + ) + elif upload_cycle.is_past and combined_workspace: + note = self.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.StopSharing(note=note, **audit_result_args)) + elif not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.StopSharing( + note=note, + **audit_result_args, + ) + ) + + else: + raise ValueError("No case matched for DCC writer group.") + + def _audit_workspace_and_auth_domain(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and its auth domain. + + Sharing expectations: + - Read access at all times. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + note = self.AUTH_DOMAIN_AS_READER + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.errors.append(workspace_sharing_audit_results.ShareAsReader(note=note, **audit_result_args)) + elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareAsReader( + note=note, + **audit_result_args, + ) + ) + + def _audit_workspace_and_dcc_admin_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and the DCC admin group. + + Sharing expectations: + - Owner access at all times. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + note = self.DCC_ADMIN_AS_OWNER + if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: + self.verified.append( + workspace_sharing_audit_results.VerifiedShared( + note=note, + **audit_result_args, + ) + ) + else: + self.needs_action.append( + workspace_sharing_audit_results.ShareAsOwner( + note=note, + **audit_result_args, + ) + ) + + def _audit_workspace_and_other_group(self, upload_workspace, managed_group): + """Audit access for a specific UploadWorkspace and other groups. + + Sharing expectations: + - No access. + """ + current_sharing = self._get_current_sharing(upload_workspace, managed_group) + + audit_result_args = { + "workspace": upload_workspace.workspace, + "managed_group": managed_group, + "current_sharing_instance": current_sharing, + } + + if not current_sharing: + self.verified.append( + workspace_sharing_audit_results.VerifiedNotShared( + note=self.OTHER_GROUP_NO_ACCESS, + **audit_result_args, + ) + ) + else: + self.errors.append( + workspace_sharing_audit_results.StopSharing( + note=self.OTHER_GROUP_NO_ACCESS, + **audit_result_args, + ) + ) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py deleted file mode 100644 index ebb98e34..00000000 --- a/gregor_django/gregor_anvil/audit/upload_workspace_auth_domain_audit.py +++ /dev/null @@ -1,449 +0,0 @@ -from dataclasses import dataclass - -import django_tables2 as tables -from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup -from django.conf import settings -from django.db.models import Q, QuerySet - -from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace -from .base import GREGoRAudit, GREGoRAuditResult - - -@dataclass -class UploadWorkspaceAuthDomainAuditResult(GREGoRAuditResult): - """Base class to hold results for auditing upload workspace sharing.""" - - workspace: UploadWorkspace - note: str - managed_group: ManagedGroup - action: str = None - current_membership_instance: GroupGroupMembership = None - - def get_table_dictionary(self): - """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" - row = { - "workspace": self.workspace, - "managed_group": self.managed_group, - "role": self.current_membership_instance.role if self.current_membership_instance else None, - "note": self.note, - "action": self.action, - } - return row - - -@dataclass -class VerifiedMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when member membership has been verified.""" - - def __str__(self): - return f"Verified member: {self.note}" - - -@dataclass -class VerifiedAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when membership with an admin role has been verified.""" - - is_shared: bool = False - - def __str__(self): - return f"Verified admin: {self.note}" - - -@dataclass -class VerifiedNotMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when member membership has been verified.""" - - def __str__(self): - return f"Verified member: {self.note}" - - -@dataclass -class AddMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when a member role should be added.""" - - action: str = "Add member" - - def __str__(self): - return f"Add member: {self.note}" - - -@dataclass -class AddAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when an admin role should be added.""" - - action: str = "Add admin" - - def __str__(self): - return f"Add admin: {self.note}" - - -@dataclass -class ChangeToMember(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when an admin role should be changed to a member role.""" - - action: str = "Change to member" - - def __str__(self): - return f"Change to member: {self.note}" - - -@dataclass -class ChangeToAdmin(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when a member role should be changed to an admin role.""" - - action: str = "Change to admin" - - def __str__(self): - return f"Change to admin: {self.note}" - - -@dataclass -class Remove(UploadWorkspaceAuthDomainAuditResult): - """Audit results class for when group membership should be removed.""" - - action: str = "Remove" - - def __str__(self): - return f"Share as owner: {self.note}" - - -class UploadWorkspaceAuthDomainAuditTable(tables.Table): - """A table to show results from a UploadWorkspaceAuthDomainAudit subclass.""" - - workspace = tables.Column(linkify=True) - managed_group = tables.Column(linkify=True) - # is_shared = tables.Column() - role = tables.Column(verbose_name="Current role") - note = tables.Column() - # action = tables.Column() - action = tables.TemplateColumn( - template_name="gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html" - ) - - class Meta: - attrs = {"class": "table align-middle"} - - -class UploadWorkspaceAuthDomainAudit(GREGoRAudit): - """A class to hold audit results for the GREGoR UploadWorkspace auth domain audit.""" - - # RC notes. - RC_FUTURE_CYCLE = "RC groups should not be in the auth domain until the upload cycle starts." - RC_UPLOADERS_BEFORE_QC = "RC uploader group should be a member of the auth domain before QC is complete." - RC_UPLOADERS_AFTER_QC = "RC uploader group should not be a member of the auth domain after QC is complete." - RC_MEMBERS_BEFORE_COMBINED = ( - "RC member group should be a member of the auth domain before the combined workspace is complete." - ) - RC_MEMBERS_AFTER_COMBINED = ( - "RC member group should not be a member of the auth domain after the combined workspace is complete." - ) - RC_NON_MEMBERS_AFTER_START = ( - "RC non-member group should be a member of the auth domain for current and past upload cycles." - ) - - # DCC notes. - DCC_ADMINS = "DCC admin group should always be an admin of the auth domain." - DCC_BEFORE_COMBINED = "DCC groups should be a member of the auth domain before the combined workspace is complete." - DCC_AFTER_COMBINED = ( - "DCC groups should not be direct members of the auth domain after the combined workspace is complete." - ) - - # GREGOR_ALL notes. - GREGOR_ALL_BEFORE_COMBINED = "GREGOR_ALL should not have access before the combined workspace is complete." - GREGOR_ALL_AFTER_COMBINED = ( - "GREGOR_ALL should be a member of the auth domain after the combined workspace is complete." - ) - - # Other group notes. - OTHER_GROUP = "This group should not have access to the auth domain." - UNEXPECTED_ADMIN = "Only the DCC admins group should be an admin of the auth domain." - - results_table_class = UploadWorkspaceAuthDomainAuditTable - - def __init__(self, queryset=None): - super().__init__() - if queryset is None: - queryset = UploadWorkspace.objects.all() - if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): - raise ValueError("queryset must be a queryset of UploadWorkspace objects.") - self.queryset = queryset - - def _run_audit(self): - for workspace in self.queryset: - self.audit_upload_workspace(workspace) - - def _get_current_membership(self, upload_workspace, managed_group): - try: - current_membership = GroupGroupMembership.objects.get( - parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=managed_group - ) - except GroupGroupMembership.DoesNotExist: - current_membership = None - return current_membership - - def _get_combined_workspace(self, upload_cycle): - """Returns the combined workspace, but only if it is ready for sharing.""" - try: - combined_workspace = CombinedConsortiumDataWorkspace.objects.get( - upload_cycle=upload_cycle, date_completed__isnull=False - ) - except CombinedConsortiumDataWorkspace.DoesNotExist: - combined_workspace = None - return combined_workspace - - def audit_upload_workspace(self, upload_workspace): - """Audit the auth domain membership of a single UploadWorkspace.""" - research_center = upload_workspace.research_center - group_names = [ - "GREGOR_ALL", - "GREGOR_DCC_MEMBERS", - "GREGOR_DCC_WRITERS", - settings.ANVIL_DCC_ADMINS_GROUP_NAME, - ] - groups_to_audit = ManagedGroup.objects.filter( - # RC uploader group. - Q(research_center_of_uploaders=research_center) - | - # RC member group. - Q(research_center_of_members=research_center) - | - # RC non-member group. - Q(research_center_of_non_members=research_center) - | - # Other sepcific groups to include. - Q(name__in=group_names) - | - # Any other groups that are members. - Q(parent_memberships__parent_group=upload_workspace.workspace.authorization_domains.first()) - ).distinct() - - for group in groups_to_audit: - self.audit_workspace_and_group(upload_workspace, group) - - def audit_workspace_and_group(self, upload_workspace, managed_group): - if managed_group == upload_workspace.research_center.uploader_group: - self._audit_workspace_and_group_for_rc_uploaders(upload_workspace, managed_group) - elif managed_group == upload_workspace.research_center.member_group: - self._audit_workspace_and_group_for_rc_members(upload_workspace, managed_group) - elif managed_group == upload_workspace.research_center.non_member_group: - self._audit_workspace_and_group_for_rc_non_members(upload_workspace, managed_group) - elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: - self._audit_workspace_and_group_for_dcc_admin(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_WRITERS": - self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_MEMBERS": - self._audit_workspace_and_group_for_dcc(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_ALL": - self._audit_workspace_and_group_for_gregor_all(upload_workspace, managed_group) - elif managed_group.name == "anvil-admins": - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - elif managed_group.name == "anvil_devs": - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - else: - self._audit_workspace_and_other_group(upload_workspace, managed_group) - - def _audit_workspace_and_group_for_rc_uploaders(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - # Otherwise, proceed with other checks. - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - elif upload_workspace.upload_cycle.is_current: - note = self.RC_UPLOADERS_BEFORE_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - elif upload_workspace.upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.RC_UPLOADERS_BEFORE_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - else: - note = self.RC_UPLOADERS_AFTER_QC - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_rc_members(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - elif not combined_workspace: - note = self.RC_MEMBERS_BEFORE_COMBINED - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - else: - note = self.RC_MEMBERS_AFTER_COMBINED - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_rc_non_members(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - } - - if upload_workspace.upload_cycle.is_future: - note = self.RC_FUTURE_CYCLE - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(note=note, **result_kwargs)) - elif membership: - self.needs_action.append(Remove(note=note, **result_kwargs)) - else: - self.verified.append(VerifiedNotMember(note=note, **result_kwargs)) - else: - note = self.RC_NON_MEMBERS_AFTER_START - if membership and membership.role == GroupGroupMembership.ADMIN: - self.errors.append(ChangeToMember(note=note, **result_kwargs)) - elif membership: - self.verified.append(VerifiedMember(note=note, **result_kwargs)) - else: - self.needs_action.append(AddMember(note=note, **result_kwargs)) - - def _audit_workspace_and_group_for_dcc_admin(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - if not membership: - self.needs_action.append( - AddAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - elif membership.role == GroupGroupMembership.ADMIN: - self.verified.append( - VerifiedAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - else: - self.needs_action.append( - ChangeToAdmin( - workspace=upload_workspace, - managed_group=managed_group, - note=self.DCC_ADMINS, - current_membership_instance=membership, - ) - ) - - def _audit_workspace_and_group_for_dcc(self, upload_workspace, managed_group): - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - membership = self._get_current_membership(upload_workspace, managed_group) - if combined_workspace: - note = self.DCC_AFTER_COMBINED - else: - note = self.DCC_BEFORE_COMBINED - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": note, - } - - if not combined_workspace and not membership: - self.needs_action.append(AddMember(**result_kwargs)) - elif not combined_workspace and membership: - if membership.role == GroupGroupMembership.MEMBER: - self.verified.append(VerifiedMember(**result_kwargs)) - else: - self.errors.append(ChangeToMember(**result_kwargs)) - elif combined_workspace and not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif combined_workspace and membership: - if membership.role == GroupGroupMembership.ADMIN: - self.errors.append(Remove(**result_kwargs)) - else: - self.needs_action.append(Remove(**result_kwargs)) - - def _audit_workspace_and_group_for_gregor_all(self, upload_workspace, managed_group): - combined_workspace = self._get_combined_workspace(upload_workspace.upload_cycle) - membership = self._get_current_membership(upload_workspace, managed_group) - if combined_workspace: - note = self.GREGOR_ALL_AFTER_COMBINED - else: - note = self.GREGOR_ALL_BEFORE_COMBINED - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": note, - } - - if not combined_workspace and not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif not combined_workspace and membership: - self.errors.append(Remove(**result_kwargs)) - elif combined_workspace and not membership: - self.needs_action.append(AddMember(**result_kwargs)) - elif combined_workspace and membership: - if membership.role == GroupGroupMembership.MEMBER: - self.verified.append(VerifiedMember(**result_kwargs)) - else: - self.errors.append(ChangeToMember(**result_kwargs)) - - def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): - """Ignore the AnVIL groups in this audit. - - We don't want to make assumptions about what access level AnVIL has.""" - pass - - def _audit_workspace_and_other_group(self, upload_workspace, managed_group): - membership = self._get_current_membership(upload_workspace, managed_group) - result_kwargs = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_membership_instance": membership, - "note": self.OTHER_GROUP, - } - - if not membership: - self.verified.append(VerifiedNotMember(**result_kwargs)) - elif membership: - self.errors.append(Remove(**result_kwargs)) diff --git a/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py b/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py deleted file mode 100644 index 45d640aa..00000000 --- a/gregor_django/gregor_anvil/audit/upload_workspace_sharing_audit.py +++ /dev/null @@ -1,538 +0,0 @@ -from dataclasses import dataclass - -import django_tables2 as tables -from anvil_consortium_manager.models import ManagedGroup, WorkspaceGroupSharing -from django.conf import settings -from django.db.models import Q, QuerySet - -from ..models import CombinedConsortiumDataWorkspace, UploadWorkspace -from ..tables import BooleanIconColumn -from .base import GREGoRAudit, GREGoRAuditResult - - -@dataclass -class UploadWorkspaceSharingAuditResult(GREGoRAuditResult): - """Base class to hold results for auditing upload workspace sharing.""" - - workspace: UploadWorkspace - note: str - managed_group: ManagedGroup - action: str = None - current_sharing_instance: WorkspaceGroupSharing = None - - def get_table_dictionary(self): - """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" - can_compute = None - if self.current_sharing_instance and self.current_sharing_instance.access != WorkspaceGroupSharing.READER: - can_compute = self.current_sharing_instance.can_compute - row = { - "workspace": self.workspace, - "managed_group": self.managed_group, - "access": self.current_sharing_instance.access if self.current_sharing_instance else None, - "can_compute": can_compute, - "note": self.note, - "action": self.action, - } - return row - - -@dataclass -class VerifiedShared(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing has been verified.""" - - def __str__(self): - return f"Verified sharing: {self.note}" - - -@dataclass -class VerifiedNotShared(UploadWorkspaceSharingAuditResult): - """Audit results class for when no Sharing has been verified.""" - - def __str__(self): - return f"Verified not shared: {self.note}" - - -@dataclass -class ShareAsReader(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as a reader.""" - - action: str = "Share as reader" - - def __str__(self): - return f"Share as reader: {self.note}" - - -@dataclass -class ShareAsWriter(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as a writer.""" - - action: str = "Share as writer" - - def __str__(self): - return f"Share as writer: {self.note}" - - -@dataclass -class ShareAsOwner(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted as an owner.""" - - action: str = "Share as owner" - - def __str__(self): - return f"Share as owner: {self.note}" - - -@dataclass -class ShareWithCompute(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be granted with compute access.""" - - action: str = "Share with compute" - - def __str__(self): - return f"Share with compute: {self.note}" - - -@dataclass -class StopSharing(UploadWorkspaceSharingAuditResult): - """Audit results class for when Sharing should be removed for a known reason.""" - - action: str = "Stop sharing" - - def __str__(self): - return f"Stop sharing: {self.note}" - - -@dataclass -class Error(UploadWorkspaceSharingAuditResult): - """Audit results class for when an error has been detected (e.g., shared and never should have been).""" - - pass - - -class UploadWorkspaceSharingAuditTable(tables.Table): - """A table to show results from a UploadWorkspaceSharingAudit subclass.""" - - workspace = tables.Column(linkify=True) - managed_group = tables.Column(linkify=True) - access = tables.Column(verbose_name="Current access") - can_compute = BooleanIconColumn(show_false_icon=True, null=True, true_color="green", false_color="black") - note = tables.Column() - action = tables.TemplateColumn( - template_name="gregor_anvil/snippets/upload_workspace_sharing_audit_action_button.html" - ) - - class Meta: - attrs = {"class": "table align-middle"} - - -class UploadWorkspaceSharingAudit(GREGoRAudit): - """A class to hold audit results for the GREGoR UploadWorkspace audit.""" - - # RC uploader statues. - RC_UPLOADERS_FUTURE_CYCLE = "Uploaders should not have access to future cycles." - RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE = ( - "Uploaders should have write access before compute is enabled for this upload cycle." - ) - RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE = "Uploaders should have write access with compute for this upload cycle." - RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE = "Uploaders should not have direct access before QC is complete." - RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE = "Uploader group should not have direct access after QC is complete." - RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( - "Uploader group should not have direct access when the combined workspace is ready to share or shared." - ) - - # DCC writer group status. - DCC_WRITERS_FUTURE_CYCLE = "DCC writers should have write and compute access for future cycles." - DCC_WRITERS_CURRENT_CYCLE = "DCC writers should have write and compute access for the current upload cycle." - DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE = ( - "DCC writers should have write and compute access before QC is complete." - ) - DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE = "DCC writers should not have direct access after QC is complete." - DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY = ( - "DCC writers should not have direct access when the combined workspace is ready to share or shared." - ) - - # DCC admin group status. - DCC_ADMIN_AS_OWNER = "The DCC admin group should always be an owner." - - # Auth domain status. - AUTH_DOMAIN_AS_READER = "The auth domain should always be a reader." - - # Other group. - OTHER_GROUP_NO_ACCESS = "Other groups should not have direct access." - - results_table_class = UploadWorkspaceSharingAuditTable - - def __init__(self, queryset=None): - super().__init__() - if queryset is None: - queryset = UploadWorkspace.objects.all() - if not (isinstance(queryset, QuerySet) and queryset.model is UploadWorkspace): - raise ValueError("queryset must be a queryset of UploadWorkspace objects.") - self.queryset = queryset - - def _run_audit(self): - for workspace in self.queryset: - self.audit_upload_workspace(workspace) - - def _get_current_sharing(self, upload_workspace, managed_group): - try: - current_sharing = WorkspaceGroupSharing.objects.get( - workspace=upload_workspace.workspace, group=managed_group - ) - except WorkspaceGroupSharing.DoesNotExist: - current_sharing = None - return current_sharing - - def _get_combined_workspace(self, upload_cycle): - """Returns the combined workspace, but only if it is ready for sharing.""" - try: - combined_workspace = CombinedConsortiumDataWorkspace.objects.get( - upload_cycle=upload_cycle, date_completed__isnull=False - ) - except CombinedConsortiumDataWorkspace.DoesNotExist: - combined_workspace = None - return combined_workspace - - def audit_upload_workspace(self, upload_workspace): - """Audit access for a specific UploadWorkspace.""" - # Get a list of managed groups that should be included in this audit. - # This includes the members group for the RC, the DCC groups, GREGOR_ALL, and the auth domain. - research_center = upload_workspace.research_center - group_names_to_include = [ - "GREGOR_DCC_WRITERS", # DCC writers - settings.ANVIL_DCC_ADMINS_GROUP_NAME, # DCC admins - "anvil-admins", # AnVIL admins - "anvil_devs", # AnVIL devs - ] - groups_to_audit = ManagedGroup.objects.filter( - # RC uploader group. - Q(research_center_of_uploaders=research_center) - | - # Specific groups from above. - Q(name__in=group_names_to_include) - | - # Auth domain. - Q(workspaceauthorizationdomain__workspace=upload_workspace.workspace) - | - # Groups that the workspace is shared with. - Q(workspacegroupsharing__workspace=upload_workspace.workspace) - ).distinct() - - for group in groups_to_audit: - self.audit_workspace_and_group(upload_workspace, group) - - def audit_workspace_and_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and ManagedGroup.""" - # Check the group type, and then call the appropriate audit method. - if upload_workspace.research_center.uploader_group == managed_group: - self._audit_workspace_and_rc_uploader_group(upload_workspace, managed_group) - elif managed_group.name == "GREGOR_DCC_WRITERS": - self._audit_workspace_and_dcc_writer_group(upload_workspace, managed_group) - elif managed_group in upload_workspace.workspace.authorization_domains.all(): - self._audit_workspace_and_auth_domain(upload_workspace, managed_group) - elif managed_group.name == settings.ANVIL_DCC_ADMINS_GROUP_NAME: - self._audit_workspace_and_dcc_admin_group(upload_workspace, managed_group) - elif managed_group.name in ["anvil-admins", "anvil_devs"]: - self._audit_workspace_and_anvil_group(upload_workspace, managed_group) - else: - self._audit_workspace_and_other_group(upload_workspace, managed_group) - - def _audit_workspace_and_anvil_group(self, upload_workspace, managed_group): - """Ignore the AnVIL groups in this audit. - - We don't want to make assumptions about what access level AnVIL has.""" - pass - - def _audit_workspace_and_rc_uploader_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and RC uploader group. - - Sharing expectations: - - No access to future upload cycle. - - Write access before compute is enabled for current upload cycle. - - Write+compute access after compute is enabled for current upload cycle. - - Read access to past upload cycle workspaces before QC is completed. - - No access to past upload cycle workspaces after QC is completed (read access via auth domain). - """ - upload_cycle = upload_workspace.upload_cycle - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_cycle) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if upload_cycle.is_future: - note = self.RC_UPLOADERS_FUTURE_CYCLE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_current and not upload_cycle.date_ready_for_compute: - note = self.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareAsWriter(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and not current_sharing.can_compute - ): - self.verified.append(VerifiedShared(note=note, **audit_result_args)) - else: - self.needs_action.append(ShareAsWriter(note=note, **audit_result_args)) - elif upload_cycle.is_current and upload_cycle.date_ready_for_compute: - note = self.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append(VerifiedShared(note=note, **audit_result_args)) - else: - self.needs_action.append(ShareWithCompute(note=note, **audit_result_args)) - elif upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: - note = self.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - elif upload_cycle.is_past and combined_workspace: - note = self.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY - if not current_sharing: - self.verified.append(VerifiedNotShared(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - else: - self.needs_action.append(StopSharing(note=note, **audit_result_args)) - else: - raise ValueError("No case matched for RC uploader group.") - - def _audit_workspace_and_dcc_writer_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and the DCC writer group. - - Sharing expectations: - - Write+compute access to future and current upload cycles. - - Write+compute access to past upload cycles before QC is complete. - - No direct access to past upload cycle workspaces after QC is completed (read access via auth domain). - """ - upload_cycle = upload_workspace.upload_cycle - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - combined_workspace = self._get_combined_workspace(upload_cycle) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if upload_cycle.is_future: - note = self.DCC_WRITERS_FUTURE_CYCLE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_current: - note = self.DCC_WRITERS_CURRENT_CYCLE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and not upload_workspace.date_qc_completed: - note = self.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareWithCompute(note=note, **audit_result_args)) - elif ( - current_sharing - and current_sharing.access == WorkspaceGroupSharing.WRITER - and current_sharing.can_compute - ): - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareWithCompute( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and upload_workspace.date_qc_completed and not combined_workspace: - note = self.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - elif not current_sharing: - self.verified.append( - VerifiedNotShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - StopSharing( - note=note, - **audit_result_args, - ) - ) - elif upload_cycle.is_past and combined_workspace: - note = self.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(StopSharing(note=note, **audit_result_args)) - elif not current_sharing: - self.verified.append( - VerifiedNotShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - StopSharing( - note=note, - **audit_result_args, - ) - ) - - else: - raise ValueError("No case matched for DCC writer group.") - - def _audit_workspace_and_auth_domain(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and its auth domain. - - Sharing expectations: - - Read access at all times. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - note = self.AUTH_DOMAIN_AS_READER - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.errors.append(ShareAsReader(note=note, **audit_result_args)) - elif current_sharing and current_sharing.access == WorkspaceGroupSharing.READER: - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareAsReader( - note=note, - **audit_result_args, - ) - ) - - def _audit_workspace_and_dcc_admin_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and the DCC admin group. - - Sharing expectations: - - Owner access at all times. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - note = self.DCC_ADMIN_AS_OWNER - if current_sharing and current_sharing.access == WorkspaceGroupSharing.OWNER: - self.verified.append( - VerifiedShared( - note=note, - **audit_result_args, - ) - ) - else: - self.needs_action.append( - ShareAsOwner( - note=note, - **audit_result_args, - ) - ) - - def _audit_workspace_and_other_group(self, upload_workspace, managed_group): - """Audit access for a specific UploadWorkspace and other groups. - - Sharing expectations: - - No access. - """ - current_sharing = self._get_current_sharing(upload_workspace, managed_group) - - audit_result_args = { - "workspace": upload_workspace, - "managed_group": managed_group, - "current_sharing_instance": current_sharing, - } - - if not current_sharing: - self.verified.append( - VerifiedNotShared( - note=self.OTHER_GROUP_NO_ACCESS, - **audit_result_args, - ) - ) - else: - self.errors.append( - StopSharing( - note=self.OTHER_GROUP_NO_ACCESS, - **audit_result_args, - ) - ) diff --git a/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py b/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py new file mode 100644 index 00000000..493203a8 --- /dev/null +++ b/gregor_django/gregor_anvil/audit/workspace_auth_domain_audit_results.py @@ -0,0 +1,156 @@ +from dataclasses import dataclass + +from anvil_consortium_manager.models import GroupGroupMembership, ManagedGroup, Workspace + +from .base import GREGoRAuditResult + + +@dataclass +class WorkspaceAuthDomainAuditResult(GREGoRAuditResult): + """Base class to hold results for auditing upload workspace sharing.""" + + workspace: Workspace + note: str + managed_group: ManagedGroup + action: str = None + current_membership_instance: GroupGroupMembership = None + handled: bool = False + + def get_table_dictionary(self): + """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" + row = { + "workspace": self.workspace, + "managed_group": self.managed_group, + "role": self.current_membership_instance.role if self.current_membership_instance else None, + "note": self.note, + "action": self.action, + } + return row + + def _handle(self): + raise NotImplementedError("Subclasses must implement this method.") + + def handle(self): + self._handle() + self.handled = True + + +@dataclass +class VerifiedMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when member membership has been verified.""" + + def __str__(self): + return f"Verified member: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when membership with an admin role has been verified.""" + + def __str__(self): + return f"Verified admin: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedNotMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when member membership has been verified.""" + + def __str__(self): + return f"Verified member: {self.note}" + + def _handle(self): + pass + + +@dataclass +class AddMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when a member role should be added.""" + + action: str = "Add member" + + def __str__(self): + return f"Add member: {self.note}" + + def _handle(self): + membership = GroupGroupMembership( + parent_group=self.workspace.authorization_domains.first(), + child_group=self.managed_group, + role=GroupGroupMembership.MEMBER, + ) + membership.full_clean() + membership.save() + membership.anvil_create() + + +@dataclass +class AddAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when an admin role should be added.""" + + action: str = "Add admin" + + def __str__(self): + return f"Add admin: {self.note}" + + def _handle(self): + membership = GroupGroupMembership( + parent_group=self.workspace.authorization_domains.first(), + child_group=self.managed_group, + role=GroupGroupMembership.ADMIN, + ) + membership.full_clean() + membership.save() + membership.anvil_create() + + +@dataclass +class ChangeToMember(WorkspaceAuthDomainAuditResult): + """Audit results class for when an admin role should be changed to a member role.""" + + action: str = "Change to member" + + def __str__(self): + return f"Change to member: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.role = GroupGroupMembership.MEMBER + self.current_membership_instance.full_clean() + self.current_membership_instance.save() + self.current_membership_instance.anvil_create() + + +@dataclass +class ChangeToAdmin(WorkspaceAuthDomainAuditResult): + """Audit results class for when a member role should be changed to an admin role.""" + + action: str = "Change to admin" + + def __str__(self): + return f"Change to admin: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.role = GroupGroupMembership.ADMIN + self.current_membership_instance.full_clean() + self.current_membership_instance.save() + self.current_membership_instance.anvil_create() + + +@dataclass +class Remove(WorkspaceAuthDomainAuditResult): + """Audit results class for when group membership should be removed.""" + + action: str = "Remove" + + def __str__(self): + return f"Share as owner: {self.note}" + + def _handle(self): + self.current_membership_instance.anvil_delete() + self.current_membership_instance.delete() diff --git a/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py b/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py new file mode 100644 index 00000000..42cc6398 --- /dev/null +++ b/gregor_django/gregor_anvil/audit/workspace_sharing_audit_results.py @@ -0,0 +1,187 @@ +from dataclasses import dataclass + +from anvil_consortium_manager.models import ( + ManagedGroup, + Workspace, + WorkspaceGroupSharing, +) + +from .base import GREGoRAuditResult + + +@dataclass +class WorkspaceSharingAuditResult(GREGoRAuditResult): + """Base class to hold results for auditing upload workspace sharing.""" + + workspace: Workspace + note: str + managed_group: ManagedGroup + action: str = None + current_sharing_instance: WorkspaceGroupSharing = None + handled: bool = False + + def get_table_dictionary(self): + """Return a dictionary that can be used to populate an instance of `dbGaPDataSharingSnapshotAuditTable`.""" + can_compute = None + if self.current_sharing_instance and self.current_sharing_instance.access != WorkspaceGroupSharing.READER: + can_compute = self.current_sharing_instance.can_compute + row = { + "workspace": self.workspace, + "managed_group": self.managed_group, + "access": self.current_sharing_instance.access if self.current_sharing_instance else None, + "can_compute": can_compute, + "note": self.note, + "action": self.action, + } + return row + + def _handle(self): + raise NotImplementedError("Subclasses must implement this method.") + + def handle(self): + self._handle() + self.handled = True + + +@dataclass +class VerifiedShared(WorkspaceSharingAuditResult): + """Audit results class for when Sharing has been verified.""" + + def __str__(self): + return f"Verified sharing: {self.note}" + + def _handle(self): + pass + + +@dataclass +class VerifiedNotShared(WorkspaceSharingAuditResult): + """Audit results class for when no Sharing has been verified.""" + + def __str__(self): + return f"Verified not shared: {self.note}" + + def _handle(self): + pass + + +@dataclass +class ShareAsReader(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as a reader.""" + + action: str = "Share as reader" + + def __str__(self): + return f"Share as reader: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.READER + sharing.can_compute = False + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareAsWriter(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as a writer.""" + + action: str = "Share as writer" + + def __str__(self): + return f"Share as writer: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.WRITER + sharing.can_compute = False + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareAsOwner(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted as an owner.""" + + action: str = "Share as owner" + + def __str__(self): + return f"Share as owner: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.OWNER + sharing.can_compute = True + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class ShareWithCompute(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be granted with compute access.""" + + action: str = "Share with compute" + + def __str__(self): + return f"Share with compute: {self.note}" + + def _handle(self): + # Create or update the sharing record. + if self.current_sharing_instance: + sharing = self.current_sharing_instance + else: + sharing = WorkspaceGroupSharing( + workspace=self.workspace, + group=self.managed_group, + ) + sharing.access = WorkspaceGroupSharing.WRITER + sharing.can_compute = True + sharing.full_clean() + sharing.save() + sharing.anvil_create_or_update() + + +@dataclass +class StopSharing(WorkspaceSharingAuditResult): + """Audit results class for when Sharing should be removed for a known reason.""" + + action: str = "Stop sharing" + + def __str__(self): + return f"Stop sharing: {self.note}" + + def _handle(self): + # Remove the sharing record. + self.current_sharing_instance.anvil_delete() + self.current_sharing_instance.delete() + + +@dataclass +class Error(WorkspaceSharingAuditResult): + """Audit results class for when an error has been detected (e.g., shared and never should have been).""" + + pass diff --git a/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py b/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py new file mode 100644 index 00000000..f010052f --- /dev/null +++ b/gregor_django/gregor_anvil/management/commands/run_combined_workspace_audit.py @@ -0,0 +1,72 @@ +from django.contrib.sites.models import Site +from django.core.mail import send_mail +from django.core.management.base import BaseCommand +from django.template.loader import render_to_string +from django.urls import reverse + +from ...audit import combined_workspace_audit + + +class Command(BaseCommand): + help = "Run access audits on CombinedConsortiumDataWorkspaces." + + def add_arguments(self, parser): + email_group = parser.add_argument_group(title="Email reports") + email_group.add_argument( + "--email", + help="""Email to which to send audit reports that need action or have errors.""", + ) + + def run_sharing_audit(self, *args, **options): + self.stdout.write("Running CombinedConsortiumDataWorkspace sharing audit... ", ending="") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self._handle_audit_results(audit, reverse("gregor_anvil:audit:combined_workspaces:sharing:all"), **options) + + def run_auth_domain_audit(self, *args, **options): + self.stdout.write("Running CombinedConsortiumDataWorkspace auth domain audit... ", ending="") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self._handle_audit_results(audit, reverse("gregor_anvil:audit:combined_workspaces:auth_domains:all"), **options) + + def _handle_audit_results(self, audit, url, **options): + # Report errors and needs access. + audit_ok = audit.ok() + # Construct the url for handling errors. + url = "https://" + Site.objects.get_current().domain + url + if audit_ok: + self.stdout.write(self.style.SUCCESS("ok!")) + else: + self.stdout.write(self.style.ERROR("problems found.")) + + # Print results + self.stdout.write("* Verified: {}".format(len(audit.verified))) + self.stdout.write("* Needs action: {}".format(len(audit.needs_action))) + self.stdout.write("* Errors: {}".format(len(audit.errors))) + + if not audit_ok: + self.stdout.write(self.style.ERROR(f"Please visit {url} to resolve these issues.")) + + # Send email if requested and there are problems. + email = options["email"] + subject = "{} - problems found".format(audit.__class__.__name__) + html_body = render_to_string( + "gregor_anvil/email_audit_report.html", + context={ + "title": "Combined workspace audit", + "audit_results": audit, + "url": url, + }, + ) + send_mail( + subject, + "Audit problems found. Please see attached report.", + None, + [email], + fail_silently=False, + html_message=html_body, + ) + + def handle(self, *args, **options): + self.run_sharing_audit(*args, **options) + self.run_auth_domain_audit(*args, **options) diff --git a/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py b/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py index fb7db4e9..2832ccf6 100644 --- a/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py +++ b/gregor_django/gregor_anvil/management/commands/run_upload_workspace_audit.py @@ -4,7 +4,7 @@ from django.template.loader import render_to_string from django.urls import reverse -from ...audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ...audit import upload_workspace_audit class Command(BaseCommand): @@ -19,13 +19,13 @@ def add_arguments(self, parser): def run_sharing_audit(self, *args, **options): self.stdout.write("Running UploadWorkspace sharing audit... ", ending="") - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self._handle_audit_results(audit, reverse("gregor_anvil:audit:upload_workspaces:sharing:all"), **options) def run_auth_domain_audit(self, *args, **options): self.stdout.write("Running UploadWorkspace auth domain audit... ", ending="") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self._handle_audit_results(audit, reverse("gregor_anvil:audit:upload_workspaces:auth_domains:all"), **options) diff --git a/gregor_django/gregor_anvil/tests/factories.py b/gregor_django/gregor_anvil/tests/factories.py index 5bb9b0ce..19f57580 100644 --- a/gregor_django/gregor_anvil/tests/factories.py +++ b/gregor_django/gregor_anvil/tests/factories.py @@ -137,6 +137,7 @@ class CombinedConsortiumDataWorkspaceFactory(DjangoModelFactory): class Meta: model = models.CombinedConsortiumDataWorkspace + skip_postgeneration_save = True upload_cycle = SubFactory(UploadCycleFactory) workspace = SubFactory( @@ -144,6 +145,17 @@ class Meta: workspace_type="combined_consortium", ) + @post_generation + def authorization_domains(self, create, extracted, **kwargs): + # Add an authorization domain. + if not create: + # Simple build, do nothing. + return + + # Create an authorization domain. + auth_domain = ManagedGroupFactory.create(name="auth_{}".format(self.workspace.name)) + self.workspace.authorization_domains.add(auth_domain) + class ReleaseWorkspaceFactory(DjangoModelFactory): """A factory for the ReleaseWorkspace model.""" diff --git a/gregor_django/gregor_anvil/tests/test_audit.py b/gregor_django/gregor_anvil/tests/test_audit.py index 7c0b4b10..dae1fd63 100644 --- a/gregor_django/gregor_anvil/tests/test_audit.py +++ b/gregor_django/gregor_anvil/tests/test_audit.py @@ -1,20 +1,32 @@ """Tests for the `py` module.""" from dataclasses import dataclass +from datetime import timedelta import django_tables2 as tables +import responses from anvil_consortium_manager.models import GroupGroupMembership, WorkspaceGroupSharing from anvil_consortium_manager.tests.factories import ( GroupGroupMembershipFactory, ManagedGroupFactory, + WorkspaceAuthorizationDomainFactory, + WorkspaceFactory, WorkspaceGroupSharingFactory, ) +from anvil_consortium_manager.tests.utils import AnVILAPIMockTestMixin from django.conf import settings from django.test import TestCase, override_settings +from django.utils import timezone from faker import Faker +from freezegun import freeze_time from .. import models -from ..audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ..audit import ( + combined_workspace_audit, + upload_workspace_audit, + workspace_auth_domain_audit_results, + workspace_sharing_audit_results, +) from ..audit.base import GREGoRAudit, GREGoRAuditResult from ..tests import factories @@ -162,17 +174,17 @@ def test_get_errors_table(self): self.assertEqual(table.rows[0].get_cell("value"), "c") -class UploadWorkspaceSharingAuditResultTest(TestCase): +class WorkspaceSharingAuditResultTest(AnVILAPIMockTestMixin, TestCase): """General tests of the UploadWorkspaceSharingAuditResult dataclasses.""" def test_shared_as_owner(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + workspace = WorkspaceFactory.create() group = ManagedGroupFactory.create() sharing = WorkspaceGroupSharingFactory.create( - workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER, can_compute=True + workspace=workspace, group=group, access=WorkspaceGroupSharing.OWNER, can_compute=True ) - instance = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult( - workspace=upload_workspace, + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, managed_group=group, current_sharing_instance=sharing, note="foo", @@ -182,13 +194,13 @@ def test_shared_as_owner(self): self.assertEqual(table_dictionary["can_compute"], True) def test_shared_as_writer_with_compute(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + workspace = WorkspaceFactory.create() group = ManagedGroupFactory.create() sharing = WorkspaceGroupSharingFactory.create( - workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=True + workspace=workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=True ) - instance = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult( - workspace=upload_workspace, + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, managed_group=group, current_sharing_instance=sharing, note="foo", @@ -198,13 +210,13 @@ def test_shared_as_writer_with_compute(self): self.assertEqual(table_dictionary["can_compute"], True) def test_shared_as_writer_without_compute(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + workspace = WorkspaceFactory.create() group = ManagedGroupFactory.create() sharing = WorkspaceGroupSharingFactory.create( - workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=False + workspace=workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=False ) - instance = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult( - workspace=upload_workspace, + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, managed_group=group, current_sharing_instance=sharing, note="foo", @@ -214,13 +226,13 @@ def test_shared_as_writer_without_compute(self): self.assertEqual(table_dictionary["can_compute"], False) def test_shared_as_reader(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + workspace = WorkspaceFactory.create() group = ManagedGroupFactory.create() sharing = WorkspaceGroupSharingFactory.create( - workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER + workspace=workspace, group=group, access=WorkspaceGroupSharing.READER ) - instance = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult( - workspace=upload_workspace, + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, managed_group=group, current_sharing_instance=sharing, note="foo", @@ -230,10 +242,10 @@ def test_shared_as_reader(self): self.assertIsNone(table_dictionary["can_compute"]) def test_not_shared(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + workspace = WorkspaceFactory.create() group = ManagedGroupFactory.create() - instance = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult( - workspace=upload_workspace, + instance = workspace_sharing_audit_results.WorkspaceSharingAuditResult( + workspace=workspace, managed_group=group, current_sharing_instance=None, note="foo", @@ -242,14 +254,689 @@ def test_not_shared(self): self.assertIsNone(table_dictionary["access"]) self.assertIsNone(table_dictionary["can_compute"]) + def test_handle_verified_shared(self): + workspace = WorkspaceFactory.create(name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + ) + instance = workspace_sharing_audit_results.VerifiedShared( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertEqual(sharing.created, date_created) + self.assertEqual(sharing.modified, date_created) + + def test_handle_verified_not_shared(self): + workspace = WorkspaceFactory.create(name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.VerifiedNotShared( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 0) + + def test_handle_share_as_reader_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsReader( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_handle_share_as_reader_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + instance = workspace_sharing_audit_results.ShareAsReader( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_as_writer_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsWriter( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertFalse(sharing.can_compute) + + def test_handle_share_as_writer_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.OWNER, + can_compute=True, + ) + instance = workspace_sharing_audit_results.ShareAsWriter( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertFalse(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_with_compute_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareWithCompute( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_handle_share_with_compute_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.ShareWithCompute( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_share_as_owner_new(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + instance = workspace_sharing_audit_results.ShareAsOwner( + workspace=workspace, + managed_group=group, + current_sharing_instance=None, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing = WorkspaceGroupSharing.objects.first() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_handle_share_as_owner_update(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.ShareAsOwner( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.access, WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + + def test_handle_stop_sharing(self): + workspace = WorkspaceFactory.create(billing_project__name="test-bp", name="test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + sharing = WorkspaceGroupSharingFactory.create( + workspace=workspace, + group=group, + access=WorkspaceGroupSharing.READER, + can_compute=False, + ) + instance = workspace_sharing_audit_results.StopSharing( + workspace=workspace, + managed_group=group, + current_sharing_instance=sharing, + note="foo", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(WorkspaceGroupSharing.objects.count(), 0) + + +class WorkspaceAuthDomainAuditResultTest(AnVILAPIMockTestMixin, TestCase): + """General tests of the WorkspaceAuthDomainAuditResult dataclasses.""" + + def test_handle_verified_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.VerifiedMember( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_handle_verified_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), child_group=group, role=GroupGroupMembership.ADMIN + ) + instance = workspace_auth_domain_audit_results.VerifiedAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_handle_verified_not_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.VerifiedMember( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 0) + + def test_handle_add_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.AddMember( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.email}", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + + def test_handle_add_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.AddAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.email}", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + + def test_handle_change_to_member(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + instance = workspace_auth_domain_audit_results.ChangeToMember( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.MEMBER) + self.assertGreater(membership.modified, date_created) + + def test_handle_change_to_admin(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(days=1) + with freeze_time(date_created): + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.ChangeToAdmin( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 1) + membership = GroupGroupMembership.objects.first() + self.assertEqual(membership.parent_group, workspace.authorization_domains.first()) + self.assertEqual(membership.child_group, group) + self.assertEqual(membership.role, GroupGroupMembership.ADMIN) + self.assertGreater(membership.modified, date_created) + + def test_handle_remove(self): + workspace = WorkspaceFactory.create(name="test-ws") + WorkspaceAuthorizationDomainFactory.create(workspace=workspace, group__name="auth-test-ws") + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.Remove( + workspace=workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth-test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.assertFalse(instance.handled) + instance.handle() + self.assertTrue(instance.handled) + self.assertEqual(GroupGroupMembership.objects.count(), 0) + + def test_member_as_admin(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["role"], membership.ADMIN) + + def test_member_as_member(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=upload_workspace.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.MEMBER, + ) + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=membership, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertEqual(table_dictionary["role"], membership.MEMBER) + + def test_not_member(self): + upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + group = ManagedGroupFactory.create() + instance = workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult( + workspace=upload_workspace.workspace, + managed_group=group, + current_membership_instance=None, + note="foo", + ) + table_dictionary = instance.get_table_dictionary() + self.assertIsNone(table_dictionary["role"]) + class UploadWorkspaceSharingAuditTableTest(TestCase): """General tests of the UploadWorkspaceSharingAuditTable class.""" def test_no_rows(self): """Table works with no rows.""" - table = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable([]) - self.assertIsInstance(table, upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable) + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable([]) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) self.assertEqual(len(table.rows), 0) def test_one_row(self): @@ -261,7 +948,7 @@ def test_one_row(self): ) data = [ { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group, "access": WorkspaceGroupSharing.READER, "can_compute": None, @@ -269,8 +956,8 @@ def test_one_row(self): "action": "", }, ] - table = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable(data) - self.assertIsInstance(table, upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable) + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) self.assertEqual(len(table.rows), 1) def test_two_rows(self): @@ -283,7 +970,7 @@ def test_two_rows(self): ) data = [ { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group_1, "access": WorkspaceGroupSharing.READER, "can_compute": None, @@ -291,7 +978,7 @@ def test_two_rows(self): "action": "", }, { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group_2, "access": None, "can_compute": None, @@ -299,8 +986,8 @@ def test_two_rows(self): "action": "", }, ] - table = upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable(data) - self.assertIsInstance(table, upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable) + table = upload_workspace_audit.UploadWorkspaceSharingAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceSharingAuditTable) self.assertEqual(len(table.rows), 2) @@ -310,14 +997,14 @@ class UploadWorkspaceSharingAuditTest(TestCase): def test_completed(self): """The completed attribute is set appropriately.""" # Instantiate the class. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() self.assertFalse(audit.completed) audit.run_audit() self.assertTrue(audit.completed) def test_no_upload_workspaces(self): """The audit works if there are no UploadWorkspaces.""" - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -325,31 +1012,31 @@ def test_no_upload_workspaces(self): def test_one_upload_workspace_no_groups(self): upload_workspace = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, upload_workspace.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_one_upload_workspace_rc_upload_group(self): group = ManagedGroupFactory.create() upload_workspace = factories.UploadWorkspaceFactory.create( research_center__uploader_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_writer_group(self): @@ -358,14 +1045,14 @@ def test_one_upload_workspace_dcc_writer_group(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.WRITER, can_compute=True ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_auth_domain(self): @@ -374,14 +1061,14 @@ def test_one_upload_workspace_auth_domain(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) # auth domain is shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_admin_group(self): @@ -390,14 +1077,14 @@ def test_one_upload_workspace_dcc_admin_group(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") @@ -407,21 +1094,21 @@ def test_one_upload_workspace_dcc_admin_group_different_name(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_anvil_admin_group(self): group = ManagedGroupFactory.create(name="anvil-admins") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) WorkspaceGroupSharingFactory.create(workspace=upload_workspace.workspace, group=group) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -431,7 +1118,7 @@ def test_one_upload_workspace_anvil_dev_group(self): group = ManagedGroupFactory.create(name="anvil_devs") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) WorkspaceGroupSharingFactory.create(workspace=upload_workspace.workspace, group=group) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -443,20 +1130,20 @@ def test_one_upload_workspace_other_group_shared(self): WorkspaceGroupSharingFactory.create( workspace=upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_not_shared(self): ManagedGroupFactory.create(name="foo") factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) # auth domain is not shared @@ -470,23 +1157,23 @@ def test_two_upload_workspaces(self): group=upload_workspace_1.workspace.authorization_domains.first(), ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, upload_workspace_1.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, upload_workspace_2.workspace.authorization_domains.first()) self.assertIsNone(record.current_sharing_instance) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_queryset(self): """Audit only runs on the specified queryset of dbGaPApplications.""" @@ -497,7 +1184,7 @@ def test_queryset(self): ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() # First application - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_1.pk) ) audit.run_audit() @@ -505,13 +1192,13 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, upload_workspace_1.workspace.authorization_domains.first()) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) # Second application - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_2.pk) ) audit.run_audit() @@ -519,18 +1206,18 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, upload_workspace_2.workspace.authorization_domains.first()) self.assertIsNone(record.current_sharing_instance) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_queryset_wrong_class(self): """Raises ValueError if queryset is not a QuerySet.""" with self.assertRaises(ValueError): - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit(queryset="foo") + upload_workspace_audit.UploadWorkspaceSharingAudit(queryset="foo") with self.assertRaises(ValueError): - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.CombinedConsortiumDataWorkspace.objects.all() ) @@ -562,34 +1249,30 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -598,89 +1281,79 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -689,85 +1362,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -776,79 +1443,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -857,49 +1524,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -907,31 +1574,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -944,7 +1611,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -954,7 +1621,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -964,7 +1631,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -975,14 +1642,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -995,7 +1662,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1005,7 +1672,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1015,7 +1682,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1026,30 +1693,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1058,49 +1725,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditCurrentCycleBeforeComputeTest(TestCase): @@ -1132,35 +1799,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -1170,57 +1837,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -1228,34 +1895,30 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1264,85 +1927,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1351,79 +2008,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1432,49 +2089,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -1482,31 +2139,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1519,7 +2176,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1529,7 +2186,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1539,7 +2196,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1550,14 +2207,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1570,7 +2227,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1580,7 +2237,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1590,7 +2247,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -1601,30 +2258,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1633,49 +2290,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditCurrentCycleAfterComputeTest(TestCase): @@ -1709,35 +2366,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -1747,57 +2404,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_AFTER_COMPUTE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -1805,34 +2462,30 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1841,85 +2494,79 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual( - record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_CURRENT_CYCLE) def test_auth_domain_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -1928,79 +2575,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2009,49 +2656,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -2059,31 +2706,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2096,7 +2743,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2106,7 +2753,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2116,7 +2763,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2127,14 +2774,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2147,7 +2794,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2157,7 +2804,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2167,7 +2814,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2178,30 +2825,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2210,49 +2857,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleBeforeQCCompleteTest(TestCase): @@ -2283,35 +2930,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -2321,57 +2968,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -2379,35 +3026,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -2417,57 +3064,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_BEFORE_QC_COMPLETE, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -2475,30 +3122,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2507,79 +3154,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2588,49 +3235,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -2638,31 +3285,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2675,7 +3322,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2685,7 +3332,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2695,7 +3342,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2706,14 +3353,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2726,7 +3373,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2736,7 +3383,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2746,7 +3393,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -2757,30 +3404,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -2789,49 +3436,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleAfterQCCompleteTest(TestCase): @@ -2863,35 +3510,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -2901,57 +3548,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -2959,35 +3606,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -2997,57 +3644,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -3055,30 +3702,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3087,79 +3734,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3168,49 +3815,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -3218,31 +3865,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3255,7 +3902,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3265,7 +3912,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3275,7 +3922,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3286,14 +3933,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3306,7 +3953,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3316,7 +3963,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3326,7 +3973,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3337,30 +3984,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3369,49 +4016,49 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) class UploadWorkspaceSharingAuditPastCycleAfterCombinedWorkspaceSharedTest(TestCase): @@ -3451,35 +4098,35 @@ def test_uploaders_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_writer_can_compute(self): @@ -3489,57 +4136,57 @@ def test_uploaders_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_uploaders_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.rc_uploader_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_writer_no_compute(self): @@ -3547,35 +4194,35 @@ def test_dcc_writers_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, None) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_writer_can_compute(self): @@ -3585,57 +4232,57 @@ def test_dcc_writers_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_dcc_writers_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_sharing_instance, sharing) self.assertEqual( record.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_PAST_CYCLE_COMBINED_WORKSPACE_READY, ) def test_auth_domain_shared_as_writer_no_compute(self): @@ -3643,30 +4290,30 @@ def test_auth_domain_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3675,79 +4322,79 @@ def test_auth_domain_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_auth_domain_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.auth_domain) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.auth_domain) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_dcc_admin_shared_as_writer_no_compute(self): # Share the workspace with the group. sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3756,49 +4403,49 @@ def test_dcc_admin_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_dcc_admin_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") def test_dcc_admin_different_setting(self): @@ -3806,31 +4453,31 @@ def test_dcc_admin_different_setting(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_anvil_admins_shared_as_writer_no_compute(self): # Share the workspace with the group. WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_admins_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3843,7 +4490,7 @@ def test_anvil_admins_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3853,7 +4500,7 @@ def test_anvil_admins_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3863,7 +4510,7 @@ def test_anvil_admins_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3874,14 +4521,14 @@ def test_anvil_devs_shared_as_writer_no_compute(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3894,7 +4541,7 @@ def test_anvil_devs_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3904,7 +4551,7 @@ def test_anvil_devs_shared_as_reader(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3914,7 +4561,7 @@ def test_anvil_devs_shared_as_owner(self): WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -3925,30 +4572,30 @@ def test_other_group_shared_as_writer_no_compute(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_not_shared(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, None) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_writer_can_compute(self): sharing = WorkspaceGroupSharingFactory.create( @@ -3957,130 +4604,80 @@ def test_other_group_shared_as_writer_can_compute(self): access=WorkspaceGroupSharing.WRITER, can_compute=True, ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_reader(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_other_group_shared_as_owner(self): sharing = WorkspaceGroupSharingFactory.create( workspace=self.upload_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER ) - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_sharing_audit.StopSharing) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_sharing_instance, sharing) - self.assertEqual(record.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) -class UploadWorkspaceAuthDomainAuditResultTest(TestCase): - """General tests of the UploadWorkspaceAuthDomainAuditResult dataclasses.""" +class UploadWorkspaceAuthDomainAuditTableTest(TestCase): + """General tests of the UploadWorkspaceAuthDomainAuditTable class.""" - def test_member_as_admin(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - group = ManagedGroupFactory.create() - membership = GroupGroupMembershipFactory.create( - parent_group=upload_workspace.workspace.authorization_domains.first(), - child_group=group, - role=GroupGroupMembership.ADMIN, - ) - instance = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditResult( - workspace=upload_workspace, - managed_group=group, - current_membership_instance=membership, - note="foo", - ) - table_dictionary = instance.get_table_dictionary() - self.assertEqual(table_dictionary["role"], membership.ADMIN) + def test_no_rows(self): + """Table works with no rows.""" + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable([]) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) + self.assertEqual(len(table.rows), 0) - def test_member_as_member(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) + def test_one_row(self): + """Table works with one row.""" + upload_workspace = factories.UploadWorkspaceFactory.create() group = ManagedGroupFactory.create() - membership = GroupGroupMembershipFactory.create( - parent_group=upload_workspace.workspace.authorization_domains.first(), - child_group=group, - role=GroupGroupMembership.MEMBER, - ) - instance = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditResult( - workspace=upload_workspace, - managed_group=group, - current_membership_instance=membership, - note="foo", - ) - table_dictionary = instance.get_table_dictionary() - self.assertEqual(table_dictionary["role"], membership.MEMBER) - - def test_not_member(self): - upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - group = ManagedGroupFactory.create() - instance = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditResult( - workspace=upload_workspace, - managed_group=group, - current_membership_instance=None, - note="foo", - ) - table_dictionary = instance.get_table_dictionary() - self.assertIsNone(table_dictionary["role"]) - - -class UploadWorkspaceAuthDomainAuditTableTest(TestCase): - """General tests of the UploadWorkspaceAuthDomainAuditTable class.""" - - def test_no_rows(self): - """Table works with no rows.""" - table = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable([]) - self.assertIsInstance(table, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable) - self.assertEqual(len(table.rows), 0) - - def test_one_row(self): - """Table works with one row.""" - upload_workspace = factories.UploadWorkspaceFactory.create() - group = ManagedGroupFactory.create() - GroupGroupMembershipFactory.create( + GroupGroupMembershipFactory.create( parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=group, role=GroupGroupMembership.MEMBER, ) data = [ { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group, "role": GroupGroupMembership.MEMBER, "note": "a note", "action": "", }, ] - table = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable(data) - self.assertIsInstance(table, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable) + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) self.assertEqual(len(table.rows), 1) def test_two_rows(self): @@ -4095,22 +4692,22 @@ def test_two_rows(self): ) data = [ { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group_1, "role": GroupGroupMembership.MEMBER, "note": "a note", "action": "", }, { - "workspace": upload_workspace, + "workspace": upload_workspace.workspace, "managed_group": group_2, "role": None, "note": "a note", "action": "", }, ] - table = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable(data) - self.assertIsInstance(table, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable) + table = upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable(data) + self.assertIsInstance(table, upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable) self.assertEqual(len(table.rows), 2) @@ -4120,14 +4717,14 @@ class UploadWorkspaceAuthDomainAuditTest(TestCase): def test_completed(self): """The completed attribute is set appropriately.""" # Instantiate the class. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() self.assertFalse(audit.completed) audit.run_audit() self.assertTrue(audit.completed) def test_no_upload_workspaces(self): """The audit works if there are no UploadWorkspaces.""" - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4135,7 +4732,7 @@ def test_no_upload_workspaces(self): def test_one_upload_workspace_no_groups(self): upload_workspace = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4146,7 +4743,7 @@ def test_one_upload_workspace_no_groups(self): def test_two_upload_workspace_no_groups(self): upload_workspace_1 = factories.UploadWorkspaceFactory.create() upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4160,14 +4757,14 @@ def test_one_upload_workspace_rc_member_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__member_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_rc_upload_group(self): @@ -4175,14 +4772,14 @@ def test_one_upload_workspace_rc_upload_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__uploader_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_rc_nonmember_group(self): @@ -4190,14 +4787,14 @@ def test_one_upload_workspace_rc_nonmember_group(self): upload_workspace = factories.UploadWorkspaceFactory.create( research_center__non_member_group=group, upload_cycle__is_future=True ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_member_group(self): @@ -4206,14 +4803,14 @@ def test_one_upload_workspace_dcc_member_group(self): GroupGroupMembershipFactory.create( parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=group ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_writer_group(self): @@ -4222,14 +4819,14 @@ def test_one_upload_workspace_dcc_writer_group(self): GroupGroupMembershipFactory.create( parent_group=upload_workspace.workspace.authorization_domains.first(), child_group=group ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_dcc_admin_group(self): @@ -4240,14 +4837,14 @@ def test_one_upload_workspace_dcc_admin_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") @@ -4259,14 +4856,14 @@ def test_one_upload_workspace_dcc_admin_group_different_name(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_anvil_admin_group(self): @@ -4277,7 +4874,7 @@ def test_one_upload_workspace_anvil_admin_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4291,7 +4888,7 @@ def test_one_upload_workspace_anvil_dev_group(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4300,14 +4897,14 @@ def test_one_upload_workspace_anvil_dev_group(self): def test_one_upload_workspace_gregor_all_group(self): group = ManagedGroupFactory.create(name="GREGOR_ALL") upload_workspace = factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_member(self): @@ -4318,20 +4915,20 @@ def test_one_upload_workspace_other_group_member(self): child_group=group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, upload_workspace.workspace) self.assertEqual(record.managed_group, group) def test_one_upload_workspace_other_group_not_member(self): ManagedGroupFactory.create(name="foo") factories.UploadWorkspaceFactory.create(upload_cycle__is_future=True) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4347,23 +4944,23 @@ def test_two_upload_workspaces(self): role=GroupGroupMembership.ADMIN, ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_queryset(self): """Audit only runs on the specified queryset of UploadWorkspaces.""" @@ -4376,7 +4973,7 @@ def test_queryset(self): ) upload_workspace_2 = factories.UploadWorkspaceFactory.create() # First application - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_1.pk) ) audit.run_audit() @@ -4384,13 +4981,13 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, upload_workspace_1) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, upload_workspace_1.workspace) self.assertEqual(record.managed_group, admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) # Second application - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(pk=upload_workspace_2.pk) ) audit.run_audit() @@ -4398,18 +4995,18 @@ def test_queryset(self): self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, upload_workspace_2) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, upload_workspace_2.workspace) self.assertEqual(record.managed_group, admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_queryset_wrong_class(self): """Raises ValueError if queryset is not a QuerySet.""" with self.assertRaises(ValueError): - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit(queryset="foo") + upload_workspace_audit.UploadWorkspaceAuthDomainAudit(queryset="foo") with self.assertRaises(ValueError): - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.CombinedConsortiumDataWorkspace.objects.all() ) @@ -4440,17 +5037,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -4458,17 +5055,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4476,30 +5073,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4507,17 +5104,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4525,30 +5122,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4556,17 +5153,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4574,30 +5171,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_FUTURE_CYCLE) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -4605,17 +5202,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4623,47 +5220,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -4671,19 +5266,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4691,34 +5284,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -4726,19 +5315,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4746,34 +5333,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -4781,19 +5364,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4801,32 +5382,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -4834,17 +5413,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4852,20 +5431,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4877,7 +5456,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4889,14 +5468,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4908,7 +5487,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4920,7 +5499,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -4955,19 +5534,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -4975,19 +5552,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -4995,34 +5570,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5030,19 +5601,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5050,34 +5619,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5085,19 +5650,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5105,32 +5668,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -5138,17 +5699,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5156,47 +5717,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -5204,19 +5763,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5224,34 +5781,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5259,19 +5812,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5279,34 +5830,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -5314,19 +5861,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5334,32 +5879,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -5367,17 +5910,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5385,20 +5928,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5410,7 +5953,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5422,14 +5965,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5441,7 +5984,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5453,7 +5996,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5490,19 +6033,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -5510,19 +6051,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5530,34 +6069,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5565,19 +6100,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5585,34 +6118,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5620,19 +6149,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5640,32 +6167,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -5673,17 +6198,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5691,47 +6216,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -5739,19 +6262,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5759,34 +6280,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -5794,19 +6311,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5814,34 +6329,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -5849,19 +6360,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5869,32 +6378,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -5902,17 +6409,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -5920,20 +6427,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5945,7 +6452,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5957,14 +6464,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5976,7 +6483,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -5988,7 +6495,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6027,19 +6534,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -6047,19 +6552,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6067,34 +6570,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_BEFORE_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6102,19 +6601,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6122,34 +6619,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6157,19 +6650,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6177,32 +6668,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -6210,17 +6699,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6228,47 +6717,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -6276,19 +6763,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6296,34 +6781,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6331,19 +6812,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6351,34 +6830,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -6386,19 +6861,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6406,32 +6879,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -6439,17 +6910,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6457,20 +6928,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6482,7 +6953,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6494,14 +6965,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6513,7 +6984,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6525,7 +6996,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -6565,19 +7036,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -6585,19 +7054,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6605,34 +7072,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6640,19 +7103,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6660,34 +7121,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_BEFORE_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6695,19 +7152,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6715,32 +7170,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -6748,17 +7201,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6766,47 +7219,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -6814,19 +7265,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6834,34 +7283,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -6869,19 +7314,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6889,34 +7332,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -6924,19 +7363,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6944,32 +7381,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_BEFORE_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -6977,17 +7412,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -6995,20 +7430,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7020,7 +7455,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7032,14 +7467,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7051,7 +7486,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7063,7 +7498,7 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7106,19 +7541,17 @@ def setUp(self): self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") def test_rc_uploaders_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_member(self): membership = GroupGroupMembershipFactory.create( @@ -7126,19 +7559,17 @@ def test_rc_uploaders_member(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_uploaders_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7146,34 +7577,30 @@ def test_rc_uploaders_admin(self): child_group=self.rc_uploader_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_uploader_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_uploader_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_UPLOADERS_AFTER_QC) def test_rc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -7181,19 +7608,17 @@ def test_rc_members_member(self): child_group=self.rc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7201,34 +7626,30 @@ def test_rc_members_admin(self): child_group=self.rc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_MEMBERS_AFTER_COMBINED) def test_rc_non_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -7236,19 +7657,17 @@ def test_rc_non_members_member(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_rc_non_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7256,32 +7675,30 @@ def test_rc_non_members_admin(self): child_group=self.rc_non_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.rc_non_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.rc_non_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.RC_NON_MEMBERS_AFTER_START) def test_dcc_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_member(self): membership = GroupGroupMembershipFactory.create( @@ -7289,17 +7706,17 @@ def test_dcc_admins_member(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_admins_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7307,47 +7724,45 @@ def test_dcc_admins_admin(self): child_group=self.dcc_admin_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_admin_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_admin_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foobar") def test_dcc_admins_different_setting(self): group = ManagedGroupFactory.create(name="foobar") - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_dcc_writers_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_writers_member(self): membership = GroupGroupMembershipFactory.create( @@ -7355,19 +7770,17 @@ def test_dcc_writers_member(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_writers_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7375,34 +7788,30 @@ def test_dcc_writers_admin(self): child_group=self.dcc_writer_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_writer_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_writer_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_member(self): membership = GroupGroupMembershipFactory.create( @@ -7410,19 +7819,17 @@ def test_dcc_members_member(self): child_group=self.dcc_member_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_dcc_members_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7430,34 +7837,30 @@ def test_dcc_members_admin(self): child_group=self.dcc_member_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.dcc_member_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.dcc_member_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED) def test_gregor_all_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 1) self.assertEqual(len(audit.errors), 0) record = audit.needs_action[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_gregor_all_member(self): membership = GroupGroupMembershipFactory.create( @@ -7465,19 +7868,17 @@ def test_gregor_all_member(self): child_group=self.gregor_all_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_gregor_all_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7485,32 +7886,30 @@ def test_gregor_all_admin(self): child_group=self.gregor_all_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.gregor_all_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.gregor_all_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual( - record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED - ) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.GREGOR_ALL_AFTER_COMBINED) def test_other_group_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 1) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) record = audit.verified[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertIsNone(record.current_membership_instance) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_member(self): membership = GroupGroupMembershipFactory.create( @@ -7518,17 +7917,17 @@ def test_other_group_member(self): child_group=self.other_group, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_other_group_admin(self): membership = GroupGroupMembershipFactory.create( @@ -7536,20 +7935,20 @@ def test_other_group_admin(self): child_group=self.other_group, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.other_group) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 1) record = audit.errors[0] - self.assertIsInstance(record, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(record.workspace, self.upload_workspace) + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.upload_workspace.workspace) self.assertEqual(record.managed_group, self.other_group) self.assertEqual(record.current_membership_instance, membership) - self.assertEqual(record.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) + self.assertEqual(record.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_anvil_admins_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7561,7 +7960,7 @@ def test_anvil_admins_member(self): child_group=self.anvil_admins, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7573,14 +7972,14 @@ def test_anvil_admins_admin(self): child_group=self.anvil_admins, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_admins) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) def test_anvil_devs_not_member(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7592,7 +7991,7 @@ def test_anvil_devs_member(self): child_group=self.anvil_devs, role=GroupGroupMembership.MEMBER, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) @@ -7604,8 +8003,2113 @@ def test_anvil_devs_admin(self): child_group=self.anvil_devs, role=GroupGroupMembership.ADMIN, ) - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.audit_workspace_and_group(self.upload_workspace, self.anvil_devs) self.assertEqual(len(audit.verified), 0) self.assertEqual(len(audit.needs_action), 0) self.assertEqual(len(audit.errors), 0) + + +class CombinedConsortiumWorkspaceAuthDomainAuditTest(TestCase): + def test_completed(self): + """The completed attribute is set appropriately.""" + # Instantiate the class. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + self.assertFalse(audit.completed) + audit.run_audit() + self.assertTrue(audit.completed) + + def test_no_workspaces(self): + """The audit works if there are no combined workspaces.""" + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_no_groups(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_dcc_admin_group(self): + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_one_workspace_dcc_admin_group_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_gregor_all_group(self): + group = ManagedGroupFactory.create(name="GREGOR_ALL") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_anvil_admins_group(self): + ManagedGroupFactory.create(name="anvil-admins") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_anvil_devs_group(self): + ManagedGroupFactory.create(name="anvil_devs") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_other_group_member(self): + group = ManagedGroupFactory.create() + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=combined_workspace.workspace.authorization_domains.first(), child_group=group + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_not_member(self): + ManagedGroupFactory.create() + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_two_workspaces(self): + """Audit works with two UploadWorkspaces.""" + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=combined_workspace_1.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_membership_instance, membership) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + + def test_queryset(self): + """Audit only runs on the specified queryset.""" + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + membership = GroupGroupMembershipFactory.create( + parent_group=combined_workspace_1.workspace.authorization_domains.first(), + child_group=group, + role=GroupGroupMembership.ADMIN, + ) + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + # First application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_1.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_membership_instance, membership) + # Second application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_2.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + + def test_queryset_wrong_class(self): + """Raises ValueError if queryset is not a QuerySet.""" + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit(queryset="foo") + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=models.UploadWorkspace.objects.all() + ) + + +class CombinedConsortiumWorkspaceAuthDomainAuditBeforeCompleteTest(TestCase): + """Tests for the `CombinedConsortiumDataWorkspaceAuthDomainAudit` class for workspaces that are not yet complete.""" + + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.gregor_all_group = ManagedGroupFactory.create(name="GREGOR_ALL") + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=None, + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_gregor_all_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_gregor_all_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_gregor_all_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_anvil_admins_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_other_group_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + def test_other_group_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + +class CombinedConsortiumWorkspaceAuthDomainAuditAfterCompleteTest(TestCase): + """Tests for the `CombinedConsortiumDataWorkspaceAuthDomainAudit` class for workspaces that are complete.""" + + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.gregor_all_group = ManagedGroupFactory.create(name="GREGOR_ALL") + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=fake.date_this_year(before_today=True, after_today=False), + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.dcc_admin_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_dcc_admin_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN + ) + + def test_gregor_all_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_gregor_all_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.gregor_all_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_gregor_all_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.gregor_all_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.gregor_all_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER + ) + + def test_anvil_admins_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_admins, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_member(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_admin(self): + GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.anvil_devs, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_as_admin(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.ADMIN, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_other_group_as_member(self): + membership = GroupGroupMembershipFactory.create( + parent_group=self.combined_workspace.workspace.authorization_domains.first(), + child_group=self.other_group, + role=GroupGroupMembership.MEMBER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.Remove) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_membership_instance, membership) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + def test_other_group_not_member(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertIsNone(record.current_membership_instance) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP + ) + + +class CombinedConsortiumWorkspaceSharingAuditTest(TestCase): + def test_completed(self): + """The completed attribute is set appropriately.""" + # Instantiate the class. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + self.assertFalse(audit.completed) + audit.run_audit() + self.assertTrue(audit.completed) + + def test_no_workspaces(self): + """The audit works if there are no combined workspaces.""" + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_no_groups(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_dcc_admin_group(self): + group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_one_workspace_dcc_admin_group_different_name(self): + group = ManagedGroupFactory.create(name="foo") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_dcc_writer_group(self): + group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_dcc_member_group(self): + group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_anvil_admins(self): + ManagedGroupFactory.create(name="anvil-admins") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_anvil_devs(self): + ManagedGroupFactory.create(name="anvil_devs") + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_one_workspace_auth_domain(self): + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = combined_workspace.workspace.authorization_domains.first() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_shared(self): + group = ManagedGroupFactory.create() + combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create(workspace=combined_workspace.workspace, group=group) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + + def test_one_workspace_other_group_not_shared(self): + ManagedGroupFactory.create() + factories.CombinedConsortiumDataWorkspaceFactory.create() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) # The auth domain + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_two_workspaces(self): + """Audit works with two UploadWorkspaces.""" + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=fake.date_this_year(before_today=True, after_today=False) + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, combined_workspace_1.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, combined_workspace_2.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + + def test_queryset(self): + """Audit only runs on the specified queryset.""" + combined_workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + combined_workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=fake.date_this_year(before_today=True, after_today=False) + ) + # First application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_1.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, combined_workspace_1.workspace) + self.assertEqual(record.managed_group, combined_workspace_1.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + # Second application + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.CombinedConsortiumDataWorkspace.objects.filter(pk=combined_workspace_2.pk) + ) + audit.run_audit() + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, combined_workspace_2.workspace) + self.assertEqual(record.managed_group, combined_workspace_2.workspace.authorization_domains.first()) + self.assertIsNone(record.current_sharing_instance) + + def test_queryset_wrong_class(self): + """Raises ValueError if queryset is not a QuerySet.""" + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit(queryset="foo") + with self.assertRaises(ValueError): + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=models.UploadWorkspace.objects.all() + ) + + +class CombinedConsortiumWorkspaceSharingAuditBeforeCompleteTest(TestCase): + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=None, + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_admin_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_writers_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_writers_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_dcc_members_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_member_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.auth_domain, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_auth_domain_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + + def test_anvil_admins_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_admins, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_devs, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.other_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + +class CombinedConsortiumWorkspaceSharingAuditAfterCompleteTest(TestCase): + def setUp(self): + super().setUp() + self.dcc_member_group = ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.dcc_writer_group = ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + self.dcc_admin_group = ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.combined_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_past=True, + date_completed=fake.date_this_year(before_today=True, after_today=False), + ) + self.auth_domain = self.combined_workspace.workspace.authorization_domains.first() + self.other_group = ManagedGroupFactory.create() + self.anvil_admins = ManagedGroupFactory.create(name="anvil-admins") + self.anvil_devs = ManagedGroupFactory.create(name="anvil_devs") + + def test_dcc_admin_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_admin_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_admin_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_admin_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_admin_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_admin_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + @override_settings(ANVIL_DCC_ADMINS_GROUP_NAME="foo") + def test_dcc_admin_different_setting(self): + group = ManagedGroupFactory.create(name="foo") + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER + ) + + def test_dcc_writers_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_writer_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_writers_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_writer_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_writer_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_writer_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.dcc_member_group, + access=WorkspaceGroupSharing.READER, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_dcc_members_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.dcc_member_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.dcc_member_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.dcc_member_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 1) + self.assertEqual(len(audit.errors), 0) + record = audit.needs_action[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.auth_domain, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_auth_domain_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.auth_domain, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.auth_domain) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.auth_domain) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual( + record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE + ) + + def test_anvil_admins_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_admins, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_admins_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_admins, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_admins) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_no_compute(self): + # Share the workspace with the group. + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_writer_can_compute(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.anvil_devs, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_reader(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_anvil_devs_shared_as_owner(self): + WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.anvil_devs, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.anvil_devs) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + + def test_other_group_shared_as_writer_no_compute(self): + # Share the workspace with the group. + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.WRITER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_not_shared(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 1) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 0) + record = audit.verified[0] + self.assertIsInstance(record, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, None) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_writer_can_compute(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, + group=self.other_group, + access=WorkspaceGroupSharing.WRITER, + can_compute=True, + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_reader(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.READER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) + + def test_other_group_shared_as_owner(self): + sharing = WorkspaceGroupSharingFactory.create( + workspace=self.combined_workspace.workspace, group=self.other_group, access=WorkspaceGroupSharing.OWNER + ) + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.audit_workspace_and_group(self.combined_workspace, self.other_group) + self.assertEqual(len(audit.verified), 0) + self.assertEqual(len(audit.needs_action), 0) + self.assertEqual(len(audit.errors), 1) + record = audit.errors[0] + self.assertIsInstance(record, workspace_sharing_audit_results.StopSharing) + self.assertEqual(record.workspace, self.combined_workspace.workspace) + self.assertEqual(record.managed_group, self.other_group) + self.assertEqual(record.current_sharing_instance, sharing) + self.assertEqual(record.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP) diff --git a/gregor_django/gregor_anvil/tests/test_commands.py b/gregor_django/gregor_anvil/tests/test_commands.py index b39cbfbe..33568383 100644 --- a/gregor_django/gregor_anvil/tests/test_commands.py +++ b/gregor_django/gregor_anvil/tests/test_commands.py @@ -1,5 +1,6 @@ """Tests for management commands in the `gregor_anvil` app.""" +from datetime import timedelta from io import StringIO from anvil_consortium_manager.models import GroupGroupMembership, WorkspaceGroupSharing @@ -14,6 +15,7 @@ from django.core.management import call_command from django.test import TestCase from django.urls import reverse +from django.utils import timezone from . import factories @@ -364,3 +366,301 @@ def test_auth_domain_audit_one_instance_needs_action_link_in_output(self): self.assertIn(url, out.getvalue()) # Zero messages have been sent by default. self.assertEqual(len(mail.outbox), 0) + + +class RunCombinedWorkspaceAuditTestCase(TestCase): + def test_no_workspaces(self): + """Test command output.""" + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... ok!", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... ok!", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_verified(self): + """Test command output with one verified instance.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + # Verified not shared with auth domain. + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... ok!", + "* Verified: 1", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_needs_action(self): + """Test command output with one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_error(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=WorkspaceGroupSharing.OWNER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_verified_email(self): + """No email is sent when there are no errors.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + # Verified not shared with auth domain. + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace sharing audit... ok!", out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_one_instance_needs_action_email(self): + """Email is sent for one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceSharingAudit - problems found") + + def test_sharing_audit_one_instance_error_email(self): + """Test command output with one error instance.""" + # Create a workspace and matching DAR. + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=WorkspaceGroupSharing.OWNER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace sharing audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceSharingAudit - problems found") + + def test_sharing_audit_one_instance_needs_action_link_in_output(self): + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + url = reverse("gregor_anvil:audit:combined_workspaces:sharing:all") + self.assertIn(url, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_sharing_audit_different_domain(self): + """Test command output when a different domain is specified.""" + site = Site.objects.create(domain="foobar.com", name="test") + site.save() + with self.settings(SITE_ID=site.id): + factories.CombinedConsortiumDataWorkspaceFactory.create(date_completed=timezone.now() - timedelta(days=1)) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace sharing audit... problems found.", out.getvalue()) + self.assertIn("https://foobar.com", out.getvalue()) + + def test_auth_domain_audit_one_instance_verified(self): + """Test command output with one verified instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group__name=settings.ANVIL_DCC_ADMINS_GROUP_NAME, + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... ok!", + "* Verified: 1", + "* Needs action: 0", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_needs_action(self): + """Test command output with one needs_action instance.""" + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 1", + "* Errors: 0", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_error(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_verified_email(self): + """No email is sent when there are no errors.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group__name="GREGOR_ALL", + role=GroupGroupMembership.MEMBER, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + self.assertIn("Running CombinedConsortiumDataWorkspace auth domain audit... ok!", out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) + + def test_auth_domain_audit_one_instance_needs_action_email(self): + """Email is sent for one needs_action instance.""" + # Create a workspace and matching DAR. + factories.CombinedConsortiumDataWorkspaceFactory.create() + factories.ManagedGroupFactory.create(name="GREGOR_ALL") + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceAuthDomainAudit - problems found") + + def test_auth_domain_audit_one_instance_error_email(self): + """Test command output with one error instance.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + role=GroupGroupMembership.ADMIN, + ) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", email="test@example.com", stdout=out) + expected_string = "\n".join( + [ + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", + "* Verified: 0", + "* Needs action: 0", + "* Errors: 1", + ] + ) + self.assertIn(expected_string, out.getvalue()) + # One message has been sent by default. + self.assertEqual(len(mail.outbox), 1) + email = mail.outbox[0] + self.assertEqual(email.to, ["test@example.com"]) + self.assertEqual(email.subject, "CombinedConsortiumDataWorkspaceAuthDomainAudit - problems found") + + def test_auth_domain_audit_different_domain(self): + """Test command output when a different domain is specified.""" + site = Site.objects.create(domain="foobar.com", name="test") + site.save() + with self.settings(SITE_ID=site.id): + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + self.assertIn( + "Running CombinedConsortiumDataWorkspace auth domain audit... problems found.", out.getvalue() + ) + self.assertIn("https://foobar.com", out.getvalue()) + + def test_auth_domain_audit_one_instance_needs_action_link_in_output(self): + factories.CombinedConsortiumDataWorkspaceFactory.create() + ManagedGroupFactory.create(name="GREGOR_ALL") + out = StringIO() + call_command("run_combined_workspace_audit", "--no-color", stdout=out) + url = reverse("gregor_anvil:audit:combined_workspaces:auth_domains:all") + self.assertIn(url, out.getvalue()) + # Zero messages have been sent by default. + self.assertEqual(len(mail.outbox), 0) diff --git a/gregor_django/gregor_anvil/tests/test_views.py b/gregor_django/gregor_anvil/tests/test_views.py index 32806ab0..fc714590 100644 --- a/gregor_django/gregor_anvil/tests/test_views.py +++ b/gregor_django/gregor_anvil/tests/test_views.py @@ -25,7 +25,12 @@ from gregor_django.users.tests.factories import UserFactory from .. import forms, models, tables, views -from ..audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from ..audit import ( + combined_workspace_audit, + upload_workspace_audit, + workspace_auth_domain_audit_results, + workspace_sharing_audit_results, +) from . import factories # from .utils import AnVILAPIMockTestMixin @@ -1906,18 +1911,26 @@ def test_contains_upload_workspaces_from_previous_cycles(self): self.assertIn(upload_workspace_1, response.context_data["upload_workspace_table"].data) self.assertIn(upload_workspace_2, response.context_data["upload_workspace_table"].data) - def test_contains_share_with_auth_domain_button(self): - acm_factories.WorkspaceAuthorizationDomainFactory.create( - workspace=self.object.workspace, group__name="test_auth" + def test_contains_sharing_audit_button(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url(self.object.workspace.billing_project.name, self.object.workspace.name)) + url = reverse( + "gregor_anvil:audit:combined_workspaces:sharing:by_workspace", + args=[ + self.object.workspace.billing_project.name, + self.object.workspace.name, + ], ) + self.assertContains(response, url) + + def test_contains_auth_domain_audit_button(self): self.client.force_login(self.user) response = self.client.get(self.get_url(self.object.workspace.billing_project.name, self.object.workspace.name)) url = reverse( - "anvil_consortium_manager:workspaces:sharing:new_by_group", + "gregor_anvil:audit:combined_workspaces:auth_domains:by_workspace", args=[ self.object.workspace.billing_project.name, self.object.workspace.name, - "test_auth", ], ) self.assertContains(response, url) @@ -2442,7 +2455,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -2456,7 +2469,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -2472,7 +2485,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -2493,15 +2506,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -2516,15 +2529,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2548,15 +2561,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2577,15 +2590,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2606,15 +2619,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2646,15 +2659,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2681,15 +2694,15 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2797,7 +2810,7 @@ def test_context_audit_results(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -2835,15 +2848,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -2862,15 +2875,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2899,15 +2912,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2932,15 +2945,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -2965,15 +2978,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3013,15 +3026,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3053,15 +3066,15 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3140,7 +3153,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -3154,7 +3167,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -3170,7 +3183,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -3186,7 +3199,7 @@ def test_context_audit_results_ignores_other_upload_cycles(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit, + upload_workspace_audit.UploadWorkspaceSharingAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -3206,15 +3219,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), acm_models.WorkspaceGroupSharing.OWNER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -3229,15 +3242,15 @@ def test_context_needs_action_table_share_as_reader(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, + upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3261,15 +3274,15 @@ def test_context_needs_action_table_share_as_writer(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3290,15 +3303,15 @@ def test_context_needs_action_table_share_with_compute(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3319,15 +3332,15 @@ def test_context_needs_action_table_share_as_owner(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("access")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3362,15 +3375,15 @@ def test_context_needs_action_table_stop_sharing(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_PAST_CYCLE_AFTER_QC_COMPLETE, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3398,15 +3411,15 @@ def test_context_error_table_stop_sharing(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditTable, + upload_workspace_audit.UploadWorkspaceSharingAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("access"), "READER") self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, + upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -3530,7 +3543,7 @@ def test_get_context_audit_result(self): self.assertIn("audit_result", response.context_data) self.assertIsInstance( response.context_data["audit_result"], - upload_workspace_sharing_audit.UploadWorkspaceSharingAuditResult, + workspace_sharing_audit_results.WorkspaceSharingAuditResult, ) def test_get_verified_shared(self): @@ -3548,12 +3561,10 @@ def test_get_verified_shared(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.VerifiedShared) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_get_verified_not_shared(self): """Get request with VerifiedNotShared result.""" @@ -3565,12 +3576,10 @@ def test_get_verified_not_shared(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.VerifiedNotShared) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.OTHER_GROUP_NO_ACCESS) def test_get_share_as_reader(self): """Get request with ShareAsReader result.""" @@ -3582,12 +3591,10 @@ def test_get_share_as_reader(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsReader) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.AUTH_DOMAIN_AS_READER) def test_get_share_as_writer(self): group = acm_factories.ManagedGroupFactory.create() @@ -3601,12 +3608,12 @@ def test_get_share_as_writer(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsWriter) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsWriter) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) self.assertEqual( audit_result.note, - upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, + upload_workspace_audit.UploadWorkspaceSharingAudit.RC_UPLOADERS_CURRENT_CYCLE_BEFORE_COMPUTE, ) def test_get_share_with_compute(self): @@ -3618,12 +3625,10 @@ def test_get_share_with_compute(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareWithCompute) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_WRITERS_FUTURE_CYCLE) def test_get_share_as_owner(self): group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) @@ -3634,12 +3639,10 @@ def test_get_share_as_owner(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsOwner) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_sharing_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER) def test_post_billing_project_does_not_exist(self): """Raises a 404 error with an invalid billing project.""" @@ -4233,7 +4236,7 @@ def test_post_share_as_reader_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsReader) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4264,7 +4267,7 @@ def test_post_new_share_as_writer_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsWriter) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsWriter) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4294,7 +4297,7 @@ def test_post_new_share_with_compute_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareWithCompute) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4324,7 +4327,7 @@ def test_post_new_share_as_owner_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.ShareAsOwner) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4363,7 +4366,7 @@ def test_post_new_stop_sharing_anvil_api_error(self): # Audit result is still as expected. self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_sharing_audit.StopSharing) + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) # A message was added. messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 1) @@ -4574,7 +4577,7 @@ def get_url(self, *args): def get_view(self): """Return the view being tested.""" - return views.UploadWorkspaceAuthDomainAuditByUploadCycle.as_view() + return views.UploadWorkspaceAuthDomainAudit.as_view() def test_view_redirect_not_logged_in(self): "View redirects to login view when user is not logged in." @@ -4599,13 +4602,6 @@ def test_access_without_user_permission(self): with self.assertRaises(PermissionDenied): self.get_view()(request) - def test_invalid_upload_cycle(self): - """Raises a 404 error with an invalid upload cycle.""" - request = self.factory.get(self.get_url()) - request.user = self.user - with self.assertRaises(Http404): - self.get_view()(request) - def test_context_audit_results_no_upload_workspaces(self): """The audit_results exists in the context.""" self.client.force_login(self.user) @@ -4614,7 +4610,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -4628,7 +4624,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -4644,7 +4640,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -4667,15 +4663,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -4695,15 +4691,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -4718,15 +4714,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4741,15 +4737,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4774,15 +4770,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4802,15 +4798,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4830,15 +4826,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4858,15 +4854,15 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -4977,7 +4973,7 @@ def test_context_audit_results(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -5017,15 +5013,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5052,15 +5048,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5079,15 +5075,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5106,15 +5102,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5146,15 +5142,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5178,15 +5174,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5210,15 +5206,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5242,15 +5238,15 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5329,7 +5325,7 @@ def test_context_audit_results_no_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -5343,7 +5339,7 @@ def test_context_audit_results_one_upload_workspace(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 1) @@ -5359,7 +5355,7 @@ def test_context_audit_results_two_upload_workspaces(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 2) @@ -5375,7 +5371,7 @@ def test_context_audit_results_ignores_other_upload_cycles(self): audit_results = response.context_data["audit_results"] self.assertIsInstance( audit_results, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit, ) self.assertTrue(audit_results.completed) self.assertEqual(audit_results.queryset.count(), 0) @@ -5397,15 +5393,15 @@ def test_context_verified_table_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5428,15 +5424,15 @@ def test_context_verified_table_no_access(self): table = response.context_data["verified_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), None) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertEqual(table.rows[0].get_cell_value("action"), "—") @@ -5451,15 +5447,15 @@ def test_context_needs_action_table_add_member(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5474,15 +5470,15 @@ def test_context_needs_action_table_add_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertIsNone(table.rows[0].get_cell_value("role")) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5510,15 +5506,15 @@ def test_context_needs_action_table_remove(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_AFTER_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5538,15 +5534,15 @@ def test_context_error_table_remove(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5566,15 +5562,15 @@ def test_context_errors_table_change_to_member(self): table = response.context_data["errors_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5594,15 +5590,15 @@ def test_context_needs_action_table_change_to_admin(self): table = response.context_data["needs_action_table"] self.assertIsInstance( table, - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditTable, + upload_workspace_audit.UploadWorkspaceAuthDomainAuditTable, ) self.assertEqual(len(table.rows), 1) - self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace) + self.assertEqual(table.rows[0].get_cell_value("workspace"), upload_workspace.workspace) self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) self.assertEqual( table.rows[0].get_cell_value("note"), - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, + upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS, ) self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") @@ -5728,7 +5724,7 @@ def test_get_context_audit_result(self): self.assertIn("audit_result", response.context_data) self.assertIsInstance( response.context_data["audit_result"], - upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAuditResult, + workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult, ) def test_get_verified_member(self): @@ -5746,12 +5742,10 @@ def test_get_verified_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_verified_admin(self): """Get request with VerifiedAdmin result.""" @@ -5768,12 +5762,10 @@ def test_get_verified_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_verified_not_member(self): """Get request with VerifiedNotMember result.""" @@ -5785,12 +5777,10 @@ def test_get_verified_not_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.VerifiedNotMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_get_add_member(self): """Get request with AddMember result.""" @@ -5802,12 +5792,10 @@ def test_get_add_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.AddMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_add_admin(self): """Get request with AddAdmin result.""" @@ -5819,12 +5807,10 @@ def test_get_add_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.AddAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_change_to_member(self): """Get request with ChangeToMember result.""" @@ -5841,12 +5827,10 @@ def test_get_change_to_member(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.ChangeToMember) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_BEFORE_COMBINED) def test_get_change_to_admin(self): """Get request with ChangeToAdmin result.""" @@ -5863,12 +5847,10 @@ def test_get_change_to_admin(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.ChangeToAdmin) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.DCC_ADMINS) def test_get_remove(self): """Get request with ChangeToAdmin result.""" @@ -5884,12 +5866,10 @@ def test_get_remove(self): ) self.assertIn("audit_result", response.context_data) audit_result = response.context_data["audit_result"] - self.assertIsInstance(audit_result, upload_workspace_auth_domain_audit.Remove) - self.assertEqual(audit_result.workspace, upload_workspace) + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.Remove) + self.assertEqual(audit_result.workspace, upload_workspace.workspace) self.assertEqual(audit_result.managed_group, group) - self.assertEqual( - audit_result.note, upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP - ) + self.assertEqual(audit_result.note, upload_workspace_audit.UploadWorkspaceAuthDomainAudit.OTHER_GROUP) def test_post_billing_project_does_not_exist(self): """Raises a 404 error with an invalid billing project.""" @@ -6947,3 +6927,3918 @@ def test_post_htmx_api_error_remove_member(self): # No messages messages = [m.message for m in get_messages(response.wsgi_request)] self.assertEqual(len(messages), 0) + + +class CombinedConsortiumDataWorkspaceSharingAuditTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceSharingAudit view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:all", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAudit.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url()) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url(), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url()) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_context_audit_results_no_workspaces(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 0) + + def test_context_audit_results_one_workspace(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(workspace, audit_results.queryset) + + def test_context_audit_results_two_workspaces(self): + """The audit_results exists in the context.""" + workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 2) + self.assertIn(workspace_1, audit_results.queryset) + self.assertIn(workspace_2, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_verified_table_no_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_reader(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_writer_with_compute(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_owner(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_stop_sharing(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + # Change upload workspace end dates so it's in the past. + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.localdate() - timedelta(days=1), + ) + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Share with the auth domain to prevent that audit result. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=workspace.workspace.authorization_domains.first(), + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_stop_sharing(self): + """error_table shows a record when an audit error is detected.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.workspace)) + self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceSharingAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceSharingAuditByWorkspace view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:by_workspace", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAuditByWorkspace.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar"), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_invalid_billing_project_name(self): + """Raises a 404 error with an invalid object billing project.""" + request = self.factory.get(self.get_url("foo", self.workspace.workspace.name)) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug="foo", + workspace_slug=self.workspace.workspace.name, + ) + + def test_invalid_workspace_name(self): + """Raises a 404 error with an invalid workspace name.""" + request = self.factory.get(self.get_url(self.workspace.workspace.billing_project.name, "foo")) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug=self.workspace.workspace.billing_project.name, + workspace_slug="foo", + ) + + def test_context_audit_results(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(self.workspace, audit_results.queryset) + + def test_context_audit_results_does_not_include_other_workspaces(self): + """The audit_results does not include other workspaces.""" + other_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + audit_results = response.context_data["audit_results"] + self.assertEqual(audit_results.queryset.count(), 1) + self.assertNotIn(other_workspace, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + self.workspace.date_completed = timezone.now() - timedelta(days=1) + self.workspace.save() + group = self.workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_verified_table_no_access(self): + """verified_table shows a record when audit has verified no access.""" + group = self.workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_BEFORE_COMPLETE, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_reader(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + self.workspace.date_completed = timezone.now() - timedelta(days=1) + self.workspace.save() + group = self.workspace.workspace.authorization_domains.first() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_writer_with_compute(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_share_as_owner(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("access")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_stop_sharing(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + # Change upload workspace end dates so it's in the past. + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_MEMBERS") + self.workspace.date_completed = timezone.localdate() - timedelta(days=1) + self.workspace.save() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Share with the auth domain to prevent that audit result. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=self.workspace.workspace.authorization_domains.first(), + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_MEMBERS_AFTER_COMPLETE, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_stop_sharing(self): + """error_table shows a record when an audit error is detected.""" + group = acm_factories.ManagedGroupFactory.create() + # Create a sharing record. + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=self.workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("access"), "READER") + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + # self.assertContains(response, str(self.workspace)) + self.assertIn(str(self.workspace), response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceSharingAuditResolveTest(AnVILAPIMockTestMixin, TestCase): + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_EDIT_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:sharing:resolve", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceSharingAuditResolve.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar", "foobar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar", "foobar"), + ) + + def test_status_code_with_user_permission_staff_edit(self): + """Returns successful response code if the user has staff edit permission.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + + def test_status_code_with_user_permission_staff_view(self): + """Returns 403 response code if the user has staff view permission.""" + user_view = User.objects.create_user(username="test-view", password="test-view") + user_view.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.client.force_login(self.user) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_view + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_status_code_with_user_permission_view(self): + """Returns forbidden response code if the user has view permission.""" + user = User.objects.create_user(username="test-none", password="test-none") + user.user_permissions.add(Permission.objects.get(codename=AnVILProjectManagerAccess.VIEW_PERMISSION_CODENAME)) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_get_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_group_does_not_exist(self): + """get request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_get_context_audit_result(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + self.assertIsInstance( + response.context_data["audit_result"], + workspace_sharing_audit_results.WorkspaceSharingAuditResult, + ) + + def test_get_verified_shared(self): + """Get request with VerifiedShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedShared) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + + def test_get_verified_not_shared(self): + """Get request with VerifiedNotShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.VerifiedNotShared) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP + ) + + def test_get_share_as_reader(self): + """Get request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.AUTH_DOMAIN_AFTER_COMPLETE, + ) + + def test_get_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_WRITERS_BEFORE_COMPLETE, + ) + + def test_get_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.DCC_ADMIN_AS_OWNER, + ) + + def test_get_stop_sharing(self): + """Get request with StopSharing result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit.OTHER_GROUP + ) + + def test_post_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_group_does_not_exist(self): + """post request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_post_verified_shared(self): + """Post request with VerifiedShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + date_completed=timezone.now() - timedelta(days=1) + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertEqual(sharing.modified, date_created) + + def test_post_verified_not_shared(self): + """Post request with VerifiedNotShared result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_new_share_as_reader(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_new_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_stop_sharing(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_update_share_as_reader(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_update_share_with_compute(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_update_share_as_owner(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_reader_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_new_share_with_compute_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_owner_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing = acm_models.WorkspaceGroupSharing.objects.get(workspace=workspace.workspace, group=group) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_stop_sharing_htmx(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + + def test_post_update_share_as_reader_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + self.assertFalse(sharing.can_compute) + + def test_post_update_share_with_compute_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + self.assertTrue(sharing.can_compute) + + def test_post_update_share_as_owner_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=200, + match=[responses.matchers.json_params_matcher(acls)], + json={"invitesSent": {}, "usersNotFound": {}, "usersUpdated": acls}, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual( + response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_success + ) + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 1) + sharing.refresh_from_db() + self.assertEqual(sharing.created, date_created) + self.assertGreater(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.OWNER) + self.assertTrue(sharing.can_compute) + + def test_post_new_share_as_reader_api_error(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_with_compute_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_as_owner_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_stop_sharing_api_error(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.StopSharing) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_as_reader_api_error(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsReader) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_with_compute_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareWithCompute) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_update_share_as_owner_api_error(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + match=[responses.matchers.json_params_matcher(acls)], + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # Audit result is still as expected. + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_sharing_audit_results.ShareAsOwner) + # A message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_new_share_as_reader_api_error_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_share_with_compute_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_share_as_owner_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + upload_cycle__is_future=True, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # No sharing object was created. + self.assertEqual(acm_models.WorkspaceGroupSharing.objects.count(), 0) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_new_stop_sharing_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create() + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "NO ACCESS", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_as_reader_api_error_htmx(self): + """Post request with ShareAsReader result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + date_completed=timezone.now() - timedelta(days=1), + ) + group = workspace.workspace.authorization_domains.first() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.WRITER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "READER", + "canShare": False, + "canCompute": False, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.WRITER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_with_compute_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_DCC_WRITERS") + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "WRITER", + "canShare": False, + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + status=500, + json=ErrorResponseFactory().response, + match=[responses.matchers.json_params_matcher(acls)], + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_update_share_as_owner_api_error_htmx(self): + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + workspace__billing_project__name="test-bp", + workspace__name="test-ws", + ) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + sharing = acm_factories.WorkspaceGroupSharingFactory.create( + workspace=workspace.workspace, + group=group, + access=acm_models.WorkspaceGroupSharing.READER, + ) + # Add the mocked API response. + acls = [ + { + "email": group.email, + "accessLevel": "OWNER", + "canShare": False, # We're not tracking this in ACM so we always send False. + "canCompute": True, + } + ] + self.anvil_response_mock.add( + responses.PATCH, + self.api_client.rawls_entry_point + "/api/workspaces/test-bp/test-ws/acl?inviteUsersNotFound=false", + match=[responses.matchers.json_params_matcher(acls)], + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), + **header, + ) + self.assertEqual(response.content.decode(), views.CombinedConsortiumDataWorkspaceSharingAuditResolve.htmx_error) + # Sharing result has not changed. + sharing.refresh_from_db() + self.assertEqual(sharing.workspace, workspace.workspace) + self.assertEqual(sharing.group, group) + self.assertEqual(sharing.modified, date_created) + self.assertEqual(sharing.access, acm_models.WorkspaceGroupSharing.READER) + # No messages were added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceAuthDomainAudit view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:all", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAudit.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url()) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url(), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url()) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_context_audit_results_no_workspaces(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 0) + + def test_context_audit_results_one_workspace(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(workspace, audit_results.queryset) + + def test_context_audit_results_two_workspaces(self): + """The audit_results exists in the context.""" + workspace_1 = factories.CombinedConsortiumDataWorkspaceFactory.create() + workspace_2 = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 2) + self.assertIn(workspace_1, audit_results.queryset) + self.assertIn(workspace_2, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_member(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_admin(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_remove(self): + """error table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_errors_table_change_to_member(self): + """errors table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_change_to_admin(self): + """error table shows a record when audit finds that access needs to be removed.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get(self.get_url()) + # self.assertContains(response, str(self.workspace)) + self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspaceTest(AnVILAPIMockTestMixin, TestCase): + """Tests for the CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace view.""" + + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:by_workspace", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + + "?next=" + + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name), + ) + + def test_status_code_with_user_permission_view(self): + """Returns successful response code if the user has view permission.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url(self.workspace.workspace.billing_project.name, self.workspace.workspace.name) + ) + self.assertEqual(response.status_code, 200) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_invalid_billing_project_name(self): + """Raises a 404 error with an invalid object billing project.""" + request = self.factory.get(self.get_url("foo", self.workspace.workspace.name)) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug="foo", + workspace_slug=self.workspace.workspace.name, + ) + + def test_invalid_workspace_name(self): + """Raises a 404 error with an invalid workspace name.""" + request = self.factory.get(self.get_url(self.workspace.workspace.billing_project.name, "foo")) + request.user = self.user + with self.assertRaises(Http404): + self.get_view()( + request, + billing_project_slug=self.workspace.workspace.billing_project.name, + workspace_slug="foo", + ) + + def test_context_audit_results(self): + """The audit_results exists in the context.""" + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("audit_results", response.context_data) + audit_results = response.context_data["audit_results"] + self.assertIsInstance( + audit_results, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit, + ) + self.assertTrue(audit_results.completed) + self.assertEqual(audit_results.queryset.count(), 1) + self.assertIn(self.workspace, audit_results.queryset) + + def test_context_audit_results_does_not_include_other_workspaces(self): + """The audit_results does not include other workspaces.""" + other_workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + audit_results = response.context_data["audit_results"] + self.assertEqual(audit_results.queryset.count(), 1) + self.assertNotIn(other_workspace, audit_results.queryset) + + def test_context_verified_table_access(self): + """verified_table shows a record when audit has verified access.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("verified_table", response.context_data) + table = response.context_data["verified_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_member(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_add_admin(self): + """needs_action_table shows a record when audit finds that access needs to be granted.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertIsNone(table.rows[0].get_cell_value("role")) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_error_table_remove(self): + """error table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_errors_table_change_to_member(self): + """errors table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("errors_table", response.context_data) + table = response.context_data["errors_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.ADMIN) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_context_needs_action_table_change_to_admin(self): + """error table shows a record when audit finds that access needs to be removed.""" + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=self.workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertIn("needs_action_table", response.context_data) + table = response.context_data["needs_action_table"] + self.assertIsInstance( + table, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAuditTable, + ) + self.assertEqual(len(table.rows), 1) + self.assertEqual(table.rows[0].get_cell_value("workspace"), self.workspace.workspace) + self.assertEqual(table.rows[0].get_cell_value("managed_group"), group) + self.assertEqual(table.rows[0].get_cell_value("role"), acm_models.GroupGroupMembership.MEMBER) + self.assertEqual( + table.rows[0].get_cell_value("note"), + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + self.assertNotEqual(table.rows[0].get_cell_value("action"), "—") + + def test_title(self): + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + self.workspace.workspace.billing_project.name, + self.workspace.workspace.name, + ) + ) + self.assertContains(response, str(self.workspace)) + # self.assertIn("all combined workspaces", response.content.decode().lower()) + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditResolveTest(AnVILAPIMockTestMixin, TestCase): + def setUp(self): + """Set up test class.""" + super().setUp() + self.factory = RequestFactory() + # Create a user with both view and edit permission. + self.user = User.objects.create_user(username="test", password="test") + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.user.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_EDIT_PERMISSION_CODENAME) + ) + + def get_url(self, *args): + """Get the url for the view being tested.""" + return reverse( + "gregor_anvil:audit:combined_workspaces:auth_domains:resolve", + args=args, + ) + + def get_view(self): + """Return the view being tested.""" + return views.CombinedConsortiumDataWorkspaceAuthDomainAuditResolve.as_view() + + def test_view_redirect_not_logged_in(self): + "View redirects to login view when user is not logged in." + # Need a client for redirects. + response = self.client.get(self.get_url("foo", "bar", "foobar")) + self.assertRedirects( + response, + resolve_url(settings.LOGIN_URL) + "?next=" + self.get_url("foo", "bar", "foobar"), + ) + + def test_status_code_with_user_permission_staff_edit(self): + """Returns successful response code if the user has staff edit permission.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + + def test_status_code_with_user_permission_staff_view(self): + """Returns 403 response code if the user has staff view permission.""" + user_view = User.objects.create_user(username="test-view", password="test-view") + user_view.user_permissions.add( + Permission.objects.get(codename=AnVILProjectManagerAccess.STAFF_VIEW_PERMISSION_CODENAME) + ) + self.client.force_login(self.user) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_view + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_status_code_with_user_permission_view(self): + """Returns forbidden response code if the user has view permission.""" + user = User.objects.create_user(username="test-none", password="test-none") + user.user_permissions.add(Permission.objects.get(codename=AnVILProjectManagerAccess.VIEW_PERMISSION_CODENAME)) + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_access_without_user_permission(self): + """Raises permission denied if user has no permissions.""" + user_no_perms = User.objects.create_user(username="test-none", password="test-none") + request = self.factory.get(self.get_url("foo", "bar", "foobar")) + request.user = user_no_perms + with self.assertRaises(PermissionDenied): + self.get_view()(request) + + def test_get_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_get_group_does_not_exist(self): + """get request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_get_context_audit_result(self): + """The audit_results exists in the context.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.get( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertIn("audit_result", response.context_data) + self.assertIsInstance( + response.context_data["audit_result"], + workspace_auth_domain_audit_results.WorkspaceAuthDomainAuditResult, + ) + + def test_get_verified_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_verified_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_verified_not_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.VerifiedNotMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_get_add_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_add_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.AddAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_change_to_member(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToMember) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.GREGOR_ALL_AS_MEMBER, + ) + + def test_get_change_to_admin(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.ChangeToAdmin) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.DCC_ADMIN_AS_ADMIN, + ) + + def test_get_remove(self): + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Check the table in the context. + self.client.force_login(self.user) + response = self.client.get( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + group.name, + ) + ) + self.assertIn("audit_result", response.context_data) + audit_result = response.context_data["audit_result"] + self.assertIsInstance(audit_result, workspace_auth_domain_audit_results.Remove) + self.assertEqual(audit_result.workspace, workspace.workspace) + self.assertEqual(audit_result.managed_group, group) + self.assertEqual( + audit_result.note, + combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit.OTHER_GROUP, + ) + + def test_post_billing_project_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url("foo", workspace.workspace.name, group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_workspace_name_does_not_exist(self): + """Raises a 404 error with an invalid billing project.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post(self.get_url(workspace.workspace.billing_project.name, "foo", group.name)) + self.assertEqual(response.status_code, 404) + + def test_post_group_does_not_exist(self): + """post request raises a 404 error with an non-existent email.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url( + workspace.workspace.billing_project.name, + workspace.workspace.name, + "foo", + ) + ) + self.assertEqual(response.status_code, 404) + + def test_post_verified_member(self): + """Get request with VerifiedMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_admin(self): + """Get request with VerifiedAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_not_member(self): + """Get request with VerifiedNotMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_change_to_member(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_change_to_admin(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertRedirects(response, workspace.get_absolute_url()) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_verified_member_htmx(self): + """Get request with VerifiedMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_admin_htmx(self): + """Get request with VerifiedAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + + def test_post_verified_not_member_htmx(self): + """Get request with VerifiedNotMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create() + group = acm_factories.ManagedGroupFactory.create() + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_add_member_htmx(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_add_admin_htmx(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership = acm_models.GroupGroupMembership.objects.get( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + ) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_change_to_member_htmx(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + + def test_post_change_to_admin_htmx(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertGreater(membership.modified, membership.created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + + def test_post_remove_admin_htmx(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_remove_member_htmx(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create( + upload_cycle__is_future=True, workspace__name="test-ws" + ) + group = acm_factories.ManagedGroupFactory.create() + acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_success) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + + def test_post_api_error_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_member_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_member_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_admin_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_change_to_admin_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name) + ) + self.assertEqual(response.status_code, 200) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # Error message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 1) + self.assertIn("AnVIL API Error", str(messages[0])) + + def test_post_api_error_htmx_add_member(self): + """Get request with AddMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_add_admin(self): + """Get request with AddAdmin result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + self.client.force_login(self.user) + # Add the mocked API response. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # No memberships were created. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 0) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_member_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=204, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_member_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name="GREGOR_ALL") + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + # The membership was not updated. + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_admin_error_on_delete_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_change_to_admin_error_on_put_call(self): + """Get request with ChangeToMember result.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create(name=settings.ANVIL_DCC_ADMINS_GROUP_NAME) + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + # Add the mocked API responses - one to create and one to delete. + # Note that the auth domain group is created automatically by the factory using the workspace name. + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=204, + ) + self.anvil_response_mock.add( + responses.PUT, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_remove_admin(self): + """Post request with Remove result for an admin membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.ADMIN, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/admin/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.ADMIN) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) + + def test_post_api_error_htmx_remove_member(self): + """Post request with Remove result for a member membership.""" + workspace = factories.CombinedConsortiumDataWorkspaceFactory.create(workspace__name="test-ws") + group = acm_factories.ManagedGroupFactory.create() + date_created = timezone.now() - timedelta(weeks=3) + with freeze_time(date_created): + membership = acm_factories.GroupGroupMembershipFactory.create( + parent_group=workspace.workspace.authorization_domains.first(), + child_group=group, + role=acm_models.GroupGroupMembership.MEMBER, + ) + self.anvil_response_mock.add( + responses.DELETE, + self.api_client.sam_entry_point + f"/api/groups/v1/auth_test-ws/member/{group.name}@firecloud.org", + status=500, + json=ErrorResponseFactory().response, + ) + self.client.force_login(self.user) + header = {"HTTP_HX-Request": "true"} + response = self.client.post( + self.get_url(workspace.workspace.billing_project.name, workspace.workspace.name, group.name), **header + ) + self.assertEqual(response.content.decode(), views.UploadWorkspaceAuthDomainAuditResolve.htmx_error) + self.assertEqual(acm_models.GroupGroupMembership.objects.count(), 1) + membership.refresh_from_db() + self.assertEqual(membership.created, date_created) + self.assertEqual(membership.modified, date_created) + self.assertEqual(membership.role, acm_models.GroupGroupMembership.MEMBER) + # No message was added. + messages = [m.message for m in get_messages(response.wsgi_request)] + self.assertEqual(len(messages), 0) diff --git a/gregor_django/gregor_anvil/urls.py b/gregor_django/gregor_anvil/urls.py index c65a5893..6e7e7939 100644 --- a/gregor_django/gregor_anvil/urls.py +++ b/gregor_django/gregor_anvil/urls.py @@ -98,9 +98,53 @@ "upload_workspaces", ) +combined_workspace_sharing_audit_patterns = ( + [ + path("all/", views.CombinedConsortiumDataWorkspaceSharingAudit.as_view(), name="all"), + path( + "resolve////", + views.CombinedConsortiumDataWorkspaceSharingAuditResolve.as_view(), + name="resolve", + ), + path( + "//", + views.CombinedConsortiumDataWorkspaceSharingAuditByWorkspace.as_view(), + name="by_workspace", + ), + ], + "sharing", +) + +combined_workspace_auth_domain_audit_patterns = ( + [ + path("all/", views.CombinedConsortiumDataWorkspaceAuthDomainAudit.as_view(), name="all"), + path( + "resolve////", + views.CombinedConsortiumDataWorkspaceAuthDomainAuditResolve.as_view(), + name="resolve", + ), + path( + "//", + views.CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace.as_view(), + name="by_workspace", + ), + ], + "auth_domains", +) + +combined_workspace_audit_patterns = ( + [ + path("sharing/", include(combined_workspace_sharing_audit_patterns)), + path("auth_domain/", include(combined_workspace_auth_domain_audit_patterns)), + ], + "combined_workspaces", +) + + audit_patterns = ( [ path("upload_workspaces/", include(upload_workspace_audit_patterns)), + path("combined_workspaces/", include(combined_workspace_audit_patterns)), ], "audit", ) diff --git a/gregor_django/gregor_anvil/viewmixins.py b/gregor_django/gregor_anvil/viewmixins.py new file mode 100644 index 00000000..37d2c48b --- /dev/null +++ b/gregor_django/gregor_anvil/viewmixins.py @@ -0,0 +1,80 @@ +from anvil_consortium_manager.anvil_api import AnVILAPIError +from anvil_consortium_manager.exceptions import AnVILGroupNotFound +from anvil_consortium_manager.models import ( + ManagedGroup, +) +from django.contrib import messages +from django.db import transaction +from django.http import Http404, HttpResponse + + +class AuditMixin: + """Mixin to assist with auditing views.""" + + def run_audit(self): + raise NotImplementedError("AuditMixin.run_audit() must be implemented in a subclass") + + def get_context_data(self, **kwargs): + """Run the audit and add it to the context.""" + context = super().get_context_data(**kwargs) + # Run the audit. + audit_results = self.run_audit() + context["verified_table"] = audit_results.get_verified_table() + context["errors_table"] = audit_results.get_errors_table() + context["needs_action_table"] = audit_results.get_needs_action_table() + context["audit_results"] = audit_results + return context + + +class AuditResolveMixin: + """Mixin to assist with audit resolution views.""" + + def get_workspace_data_object(self): + raise NotImplementedError("AuditResolveMixin.get_workspace_data_object() must be implemented in a subclass") + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context["workspace_data_object"] = self.workspace_data_object + context["managed_group"] = self.managed_group + context["audit_result"] = self.audit_result + return context + + def get_managed_group(self, queryset=None): + """Look up the ManagedGroup by name.""" + try: + obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) + except ManagedGroup.DoesNotExist: + raise Http404("No ManagedGroups found matching the query") + return obj + + def get(self, request, *args, **kwargs): + self.workspace_data_object = self.get_workspace_data_object() + self.managed_group = self.get_managed_group() + self.audit_result = self.get_audit_result() + return super().get(request, *args, **kwargs) + + def post(self, request, *args, **kwargs): + self.workspace_data_object = self.get_workspace_data_object() + self.managed_group = self.get_managed_group() + self.audit_result = self.get_audit_result() + return super().post(request, *args, **kwargs) + + def form_valid(self, form): + # Handle the result. + try: + with transaction.atomic(): + self.audit_result.handle() + except (AnVILAPIError, AnVILGroupNotFound) as e: + if self.request.htmx: + return HttpResponse(self.htmx_error) + else: + messages.error(self.request, "AnVIL API Error: " + str(e)) + return super().form_invalid(form) + # Otherwise, the audit resolution succeeded. + if self.request.htmx: + return HttpResponse(self.htmx_success) + else: + return super().form_valid(form) + + def get_success_url(self): + return self.workspace_data_object.get_absolute_url() diff --git a/gregor_django/gregor_anvil/views.py b/gregor_django/gregor_anvil/views.py index cdf8c701..0b138be3 100644 --- a/gregor_django/gregor_anvil/views.py +++ b/gregor_django/gregor_anvil/views.py @@ -1,31 +1,27 @@ -from anvil_consortium_manager.anvil_api import AnVILAPIError from anvil_consortium_manager.auth import ( AnVILConsortiumManagerStaffEditRequired, AnVILConsortiumManagerStaffViewRequired, ) -from anvil_consortium_manager.exceptions import AnVILGroupNotFound from anvil_consortium_manager.models import ( Account, - GroupGroupMembership, - ManagedGroup, Workspace, - WorkspaceGroupSharing, ) -from django.contrib import messages from django.contrib.auth import get_user_model from django.contrib.messages.views import SuccessMessageMixin -from django.db import transaction from django.db.models import Count, Q from django.forms import Form -from django.http import Http404, HttpResponse +from django.http import Http404 from django.utils.translation import gettext_lazy as _ from django.views.generic import CreateView, DetailView, FormView, TemplateView, UpdateView from django_tables2 import MultiTableMixin, SingleTableView from gregor_django.users.tables import UserTable -from . import forms, models, tables -from .audit import upload_workspace_auth_domain_audit, upload_workspace_sharing_audit +from . import forms, models, tables, viewmixins +from .audit import ( + combined_workspace_audit, + upload_workspace_audit, +) User = get_user_model() @@ -188,24 +184,20 @@ def get_context_data(self, **kwargs): return context -class UploadWorkspaceSharingAudit(AnVILConsortiumManagerStaffViewRequired, TemplateView): +class UploadWorkspaceSharingAudit(AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView): """View to audit UploadWorkspace sharing for all UploadWorkspaces.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditByWorkspace(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceSharingAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" @@ -229,21 +221,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=self.model.objects.filter(pk=self.object.pk) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditByUploadCycle(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceSharingAuditByUploadCycle( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_sharing_audit.html" @@ -263,21 +251,18 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) + def run_audit(self, **kwargs): # Run the audit. - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit( + audit = upload_workspace_audit.UploadWorkspaceSharingAudit( queryset=models.UploadWorkspace.objects.filter(upload_cycle=self.object) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceSharingAuditResolve(AnVILConsortiumManagerStaffEditRequired, FormView): +class UploadWorkspaceSharingAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): """View to resolve UploadWorkspace audit results.""" form_class = Form @@ -285,7 +270,7 @@ class UploadWorkspaceSharingAuditResolve(AnVILConsortiumManagerStaffEditRequired htmx_success = """ Handled!""" htmx_error = """ Error!""" - def get_upload_workspace(self): + def get_workspace_data_object(self): """Look up the UploadWorkspace by billing project and name.""" # Filter the queryset based on kwargs. billing_project_slug = self.kwargs.get("billing_project_slug", None) @@ -303,112 +288,29 @@ def get_upload_workspace(self): ) return obj - def get_managed_group(self, queryset=None): - """Look up the ManagedGroup by name.""" - try: - obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) - except ManagedGroup.DoesNotExist: - raise Http404("No ManagedGroups found matching the query") - return obj - def get_audit_result(self): - audit = upload_workspace_sharing_audit.UploadWorkspaceSharingAudit() + audit = upload_workspace_audit.UploadWorkspaceSharingAudit() # No way to set the group queryset, since it is dynamically determined by the workspace. - audit.audit_workspace_and_group(self.upload_workspace, self.managed_group) + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) # Set to completed, because we are just running this one specific check. audit.completed = True return audit.get_all_results()[0] - def get(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().get(request, *args, **kwargs) - - def post(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().post(request, *args, **kwargs) - - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - context["upload_workspace"] = self.upload_workspace - context["managed_group"] = self.managed_group - context["audit_result"] = self.audit_result - return context - - def get_success_url(self): - return self.upload_workspace.get_absolute_url() - def form_valid(self, form): - # Handle the result. - try: - # Set up the sharing instance. - if self.audit_result.current_sharing_instance: - sharing = self.audit_result.current_sharing_instance - else: - sharing = WorkspaceGroupSharing( - workspace=self.upload_workspace.workspace, - group=self.managed_group, - ) - with transaction.atomic(): - if isinstance(self.audit_result, upload_workspace_sharing_audit.VerifiedShared): - # No changes needed. - pass - elif isinstance(self.audit_result, upload_workspace_sharing_audit.VerifiedNotShared): - # No changes needed. - pass - elif isinstance(self.audit_result, upload_workspace_sharing_audit.StopSharing): - sharing.anvil_delete() - sharing.delete() - else: - if isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsReader): - sharing.access = WorkspaceGroupSharing.READER - sharing.can_compute = False - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsWriter): - sharing.access = WorkspaceGroupSharing.WRITER - sharing.can_compute = False - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareWithCompute): - sharing.access = WorkspaceGroupSharing.WRITER - sharing.can_compute = True - elif isinstance(self.audit_result, upload_workspace_sharing_audit.ShareAsOwner): - sharing.access = WorkspaceGroupSharing.OWNER - sharing.can_compute = True - sharing.full_clean() - sharing.save() - sharing.anvil_create_or_update() - except (AnVILAPIError, AnVILGroupNotFound) as e: - if self.request.htmx: - return HttpResponse(self.htmx_error) - else: - messages.error(self.request, "AnVIL API Error: " + str(e)) - return super().form_invalid(form) - # Otherwise, the audit resolution succeeded. - if self.request.htmx: - return HttpResponse(self.htmx_success) - else: - return super().form_valid(form) - - -class UploadWorkspaceAuthDomainAudit(AnVILConsortiumManagerStaffViewRequired, TemplateView): +class UploadWorkspaceAuthDomainAudit(AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView): """View to audit UploadWorkspace auth domain membership for all UploadWorkspaces.""" template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + def run_audit(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditByWorkspace(AnVILConsortiumManagerStaffEditRequired, DetailView): +class UploadWorkspaceAuthDomainAuditByWorkspace( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" @@ -432,21 +334,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + def run_audit(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=self.model.objects.filter(pk=self.object.pk) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditByUploadCycle(AnVILConsortiumManagerStaffViewRequired, DetailView): +class UploadWorkspaceAuthDomainAuditByUploadCycle( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): """View to audit UploadWorkspace sharing for a specific UploadWorkspace.""" template_name = "gregor_anvil/upload_workspace_auth_domain_audit.html" @@ -466,21 +364,17 @@ def get_object(self, queryset=None): ) return obj - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - # Run the audit. - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit( + def run_audit(self, **kwargs): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit( queryset=models.UploadWorkspace.objects.filter(upload_cycle=self.object) ) audit.run_audit() - context["verified_table"] = audit.get_verified_table() - context["errors_table"] = audit.get_errors_table() - context["needs_action_table"] = audit.get_needs_action_table() - context["audit_results"] = audit - return context + return audit -class UploadWorkspaceAuthDomainAuditResolve(AnVILConsortiumManagerStaffEditRequired, FormView): +class UploadWorkspaceAuthDomainAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): """View to resolve UploadWorkspace auth domain audit results.""" form_class = Form @@ -488,7 +382,7 @@ class UploadWorkspaceAuthDomainAuditResolve(AnVILConsortiumManagerStaffEditRequi htmx_success = """ Handled!""" htmx_error = """ Error!""" - def get_upload_workspace(self): + def get_workspace_data_object(self): """Look up the UploadWorkspace by billing project and name.""" # Filter the queryset based on kwargs. billing_project_slug = self.kwargs.get("billing_project_slug", None) @@ -506,89 +400,179 @@ def get_upload_workspace(self): ) return obj - def get_managed_group(self, queryset=None): - """Look up the ManagedGroup by name.""" + def get_audit_result(self): + audit = upload_workspace_audit.UploadWorkspaceAuthDomainAudit() + # No way to set the group queryset, since it is dynamically determined by the workspace. + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) + # Set to completed, because we are just running this one specific check. + audit.completed = True + return audit.get_all_results()[0] + + +class CombinedConsortiumDataWorkspaceSharingAudit( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView +): + """View to audit CombinedConsortiumDataWorkspace sharing for all CombinedConsortiumDataWorkspacs.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html" + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceSharingAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): + """View to audit CombinedConsortiumDataWorkspace sharing for a specific CombinedConsortiumDataWorkspace.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html" + model = models.CombinedConsortiumDataWorkspace + + def get_object(self, queryset=None): + """Look up the workspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) + try: + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit( + queryset=self.model.objects.filter(pk=self.object.pk) + ) + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceSharingAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): + """View to resolve CombinedConsortiumDataWorkspace audit results.""" + + form_class = Form + template_name = "gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html" + htmx_success = """ Handled!""" + htmx_error = """ Error!""" + + def get_workspace_data_object(self): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) try: - obj = ManagedGroup.objects.get(name=self.kwargs.get("managed_group_slug", None)) - except ManagedGroup.DoesNotExist: - raise Http404("No ManagedGroups found matching the query") + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) return obj def get_audit_result(self): - audit = upload_workspace_auth_domain_audit.UploadWorkspaceAuthDomainAudit() + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceSharingAudit() # No way to set the group queryset, since it is dynamically determined by the workspace. - audit.audit_workspace_and_group(self.upload_workspace, self.managed_group) + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) # Set to completed, because we are just running this one specific check. audit.completed = True return audit.get_all_results()[0] - def get(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().get(request, *args, **kwargs) - def post(self, request, *args, **kwargs): - self.upload_workspace = self.get_upload_workspace() - self.managed_group = self.get_managed_group() - self.audit_result = self.get_audit_result() - return super().post(request, *args, **kwargs) +class CombinedConsortiumDataWorkspaceAuthDomainAudit( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, TemplateView +): + """View to audit auth domain membership for all CombinedConsortiumDataWorkspaces.""" + + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html" + + def run_audit(self, **kwargs): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + audit.run_audit() + return audit - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - context["upload_workspace"] = self.upload_workspace - context["managed_group"] = self.managed_group - context["audit_result"] = self.audit_result - return context - def get_success_url(self): - return self.upload_workspace.get_absolute_url() +class CombinedConsortiumDataWorkspaceAuthDomainAuditByWorkspace( + AnVILConsortiumManagerStaffViewRequired, viewmixins.AuditMixin, DetailView +): + """View to audit auth domain membership for a specific CombinedConsortiumDataWorkspace.""" - def form_valid(self, form): - # Handle the result. + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html" + model = models.CombinedConsortiumDataWorkspace + + def get_object(self, queryset=None): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) try: - with transaction.atomic(): - # Set up the membership instance. - if self.audit_result.current_membership_instance: - membership = self.audit_result.current_membership_instance - else: - membership = GroupGroupMembership( - parent_group=self.upload_workspace.workspace.authorization_domains.first(), - child_group=self.managed_group, - ) - # Now process the result. - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedMember): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedAdmin): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.VerifiedNotMember): - pass - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.Remove): - membership.anvil_delete() - membership.delete() - else: - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.ChangeToMember): - membership.anvil_delete() - membership.role = GroupGroupMembership.MEMBER - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.ChangeToAdmin): - membership.anvil_delete() - membership.role = GroupGroupMembership.ADMIN - else: - if isinstance(self.audit_result, upload_workspace_auth_domain_audit.AddMember): - membership.role = GroupGroupMembership.MEMBER - elif isinstance(self.audit_result, upload_workspace_auth_domain_audit.AddAdmin): - membership.role = GroupGroupMembership.ADMIN - membership.full_clean() - membership.save() - membership.anvil_create() - except (AnVILAPIError, AnVILGroupNotFound) as e: - if self.request.htmx: - return HttpResponse(self.htmx_error) - else: - messages.error(self.request, "AnVIL API Error: " + str(e)) - return super().form_invalid(form) - # Otherwise, the audit resolution succeeded. - if self.request.htmx: - return HttpResponse(self.htmx_success) - else: - return super().form_valid(form) + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def run_audit(self, **kwargs): + # Run the audit. + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit( + queryset=self.model.objects.filter(pk=self.object.pk) + ) + audit.run_audit() + return audit + + +class CombinedConsortiumDataWorkspaceAuthDomainAuditResolve( + AnVILConsortiumManagerStaffEditRequired, viewmixins.AuditResolveMixin, FormView +): + """View to resolve UploadWorkspace auth domain audit results.""" + + form_class = Form + template_name = "gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html" + htmx_success = """ Handled!""" + htmx_error = """ Error!""" + + def get_workspace_data_object(self): + """Look up the CombinedConsortiumDataWorkspace by billing project and name.""" + # Filter the queryset based on kwargs. + billing_project_slug = self.kwargs.get("billing_project_slug", None) + workspace_slug = self.kwargs.get("workspace_slug", None) + queryset = models.CombinedConsortiumDataWorkspace.objects.filter( + workspace__billing_project__name=billing_project_slug, + workspace__name=workspace_slug, + ) + try: + # Get the single item from the filtered queryset + obj = queryset.get() + except queryset.model.DoesNotExist: + raise Http404( + _("No %(verbose_name)s found matching the query") % {"verbose_name": queryset.model._meta.verbose_name} + ) + return obj + + def get_audit_result(self): + audit = combined_workspace_audit.CombinedConsortiumDataWorkspaceAuthDomainAudit() + # No way to set the group queryset, since it is dynamically determined by the workspace. + audit.audit_workspace_and_group(self.workspace_data_object, self.managed_group) + # Set to completed, because we are just running this one specific check. + audit.completed = True + return audit.get_all_results()[0] diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html new file mode 100644 index 00000000..b6472dcc --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit.html @@ -0,0 +1,25 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} + +{% block title %}Combined workspace auth domain audit{% endblock %} + + +{% block content %} + +

Combined consortium data workspace auth domain audit: {% if object %} {{ object }} {% else %} all Combined Workspaces{% endif %}

+ +
+

+ When auditing combined workspace auth domain membership, + all records in the "Needs action" table should be handled by clicking on the action button. + Any records in the "Errors" table should be reported. +

+ {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html" %} + +
+ +

Audit results

+ +{% include "__audit_tables.html" with verified_table=verified_table needs_action_table=needs_action_table errors_table=errors_table %} + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html new file mode 100644 index 00000000..0a506c47 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_auth_domain_audit_resolve.html @@ -0,0 +1,44 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} +{% load crispy_forms_tags %} + +{% block title %}Resolve combined workspace audit{% endblock %} + + +{% block content %} + +

Resolve combined workspace auth domain audit

+ +
+ + + {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html" %} + +
+ +

Audit results

+ + +
+
+
Result
+

{{ audit_result }}

+ {% if audit_result.action %} +
+ + {% csrf_token %} + {{ form|crispy }} + + +
+ {% else %} + + {% endif %} +
+
+ + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html index 48832960..6727465a 100644 --- a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_detail.html @@ -10,15 +10,15 @@ {% block action_buttons %} - {% if show_edit_links %} - {% if object.authorization_domains.first %}

- Share with auth domain -

- {% else %} -

no auth domain

- {% endif %} + + Audit consortium sharing + + + Audit auth domain membership + +

{% endif %} {{ block.super }} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html new file mode 100644 index 00000000..211f93f4 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit.html @@ -0,0 +1,25 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} + +{% block title %}Combined workspace sharing audit{% endblock %} + + +{% block content %} + +

Combined workspace sharing audit: {% if object %}{{ object }}{% else %} all Combined Workspaces{% endif %}

+ +
+

+ Auditing workspace sharing for {{ object }}. + All records in the "Needs action" table should be handled by clicking on the action button. + Any records in the "Errors" table should be reported. +

+ {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html" %} + +
+ +

Audit results

+ +{% include "__audit_tables.html" with verified_table=verified_table needs_action_table=needs_action_table errors_table=errors_table %} + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html new file mode 100644 index 00000000..a7ddb739 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/combinedconsortiumdataworkspace_sharing_audit_resolve.html @@ -0,0 +1,44 @@ +{% extends "anvil_consortium_manager/base.html" %} +{% load django_tables2 %} +{% load crispy_forms_tags %} + +{% block title %}Resolve combined workspace audit{% endblock %} + + +{% block content %} + +

Resolve combined workspace sharing audit

+ +
+ + + {% include "gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html" %} + +
+ +

Audit results

+ + +
+
+
Result
+

{{ audit_result }}

+ {% if audit_result.action %} +
+ + {% csrf_token %} + {{ form|crispy }} + + +
+ {% else %} + + {% endif %} +
+
+ + +{% endblock content %} diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html new file mode 100644 index 00000000..94e5e134 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_action_button.html @@ -0,0 +1,22 @@ +
+ {% if record.action %} +
+ + {% csrf_token %} + +
+ + {% else %} + — + {% endif %} +
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html new file mode 100644 index 00000000..32c7632d --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_auth_domain_audit_explanation.html @@ -0,0 +1,25 @@ +
+
+

+ +

+
+
+ +

+ This audit checks that auth domain membership is appropriate for the current point in the upload cycle. + Membership is expected to be as follows. +

    +
  • GREGOR_ALL
    • +
  • GREGOR_DCC_ADMINS (as admin)
    • +
+ Note that groups associated with AnVIL (e.g., anvil-admins, anvil-devs) are ignored by the audit. +

+ +

Any errors should be reported!

+
+
+
+
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html new file mode 100644 index 00000000..0e36afb8 --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_action_button.html @@ -0,0 +1,22 @@ +
+ {% if record.action %} +
+ + {% csrf_token %} + +
+ + {% else %} + — + {% endif %} +
diff --git a/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html new file mode 100644 index 00000000..5c1b9f0e --- /dev/null +++ b/gregor_django/templates/gregor_anvil/snippets/combinedconsortiumdataworkspace_sharing_audit_explanation.html @@ -0,0 +1,48 @@ +
+
+

+ +

+
+
+ +

+ This audit checks that workspace sharing is appropriate for the current point in the upload cycle. + Sharing with the following groups are checked: +

    +
  • The authorization domain of the workspace
    • +
  • GREGOR_DCC_ADMINS
    • +
  • GREGOR_DCC_WRITERS
    • +
  • GREGOR_DCC_MEMBERS
    • +
  • Any additional groups that the workspace is shared with
    • +
+ Note that groups associated with AnVIL (e.g., anvil-admins, anvil-devs) are ignored by the audit. +

+

The audit result categories are explained below. +

    + +
  • Verified includes the following:
    • +
      +
    • The workspace is shared with a group with appropriate permissions.
      • +
    • The workspace is not shared with a group that it should not be shared with.
      • +
    + +
  • Needs action includes the following:
    • +
      +
    • The access level for a specific group needs to be changed.
      • +
    + +
  • Errors
    • +
      +
    • The workspace has been shared with an unexpected group.
      • +
    • A group other than the DCC admins group is an owner of the workspace.
      • +
    +
+

+

Any errors should be reported!

+
+
+
+
diff --git a/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html b/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html index 1e0437e9..1f101cbc 100644 --- a/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html +++ b/gregor_django/templates/gregor_anvil/snippets/upload_workspace_auth_domain_audit_action_button.html @@ -2,13 +2,13 @@ {% if record.action %}
+ action="{% url 'gregor_anvil:audit:upload_workspaces:auth_domains:resolve' record.workspace.billing_project.name record.workspace.name record.managed_group.name %}"> {% csrf_token %}