[test] monitoring test has_instance_permission for TIndividuals & TMa…

…rkingEvent
PnX-SI · Jan 2, 2025 · ff255ed · ff255ed
1 parent 9d62cd7
commit ff255ed
Show file tree

Hide file tree

Showing 2 changed files with 151 additions and 5 deletions.
diff --git a/backend/geonature/core/gn_monitoring/models.py b/backend/geonature/core/gn_monitoring/models.py
@@ -3,7 +3,7 @@
     Correspond a la centralisation des données de base
         relatifs aux protocoles de suivis
 """
-
+from flask import g
 from datetime import datetime
 
 from geoalchemy2 import Geometry
@@ -310,7 +310,7 @@ def has_instance_permission(self, scope):
                 return True
         elif scope == 3:
             return True
-        return True
+        return False
 
 
 @serializable
@@ -410,4 +410,4 @@ def has_instance_permission(self, scope):
                 return True
         elif scope == 3:
             return True
-        return True
+        return False
diff --git a/backend/geonature/tests/test_monitoring.py b/backend/geonature/tests/test_monitoring.py
@@ -3,10 +3,12 @@
 from werkzeug.exceptions import Forbidden
 from sqlalchemy import select
 from apptax.taxonomie.models import Taxref
-from geonature.core.gn_monitoring.models import TIndividuals
+from pypnnomenclature.models import BibNomenclaturesTypes, TNomenclatures
+from geonature.core.gn_monitoring.models import TIndividuals, TMarkingEvent
 from geonature.utils.env import db
 from geonature.core.gn_permissions.models import PermAction, PermObject, Permission
-from pypnusershub.tests.utils import set_logged_user_cookie
+from pypnusershub.tests.utils import logged_user_headers, set_logged_user_cookie
+
 
 from .fixtures import *
 
@@ -30,6 +32,76 @@ def individuals(users, module):
 
     return individuals
 
+    # id_marking = DB.Column(DB.Integer, primary_key=True, autoincrement=True)
+    # id_individual = DB.Column(
+    #     DB.ForeignKey(f"gn_monitoring.t_individuals.id_individual", ondelete="CASCADE"),
+    #     nullable=False,
+    # )
+    # id_module = DB.Column(
+    #     DB.ForeignKey("gn_commons.t_modules.id_module"),
+    #     primary_key=True,
+    #     nullable=False,
+    #     unique=True,
+    # )
+    # id_digitiser = DB.Column(
+    #     DB.ForeignKey("utilisateurs.t_roles.id_role"),
+    #     nullable=False,
+    # )
+    # marking_date = DB.Column(DB.DateTime(timezone=False), nullable=False)
+    # id_operator = DB.Column(DB.ForeignKey("utilisateurs.t_roles.id_role"), nullable=False)
+    # id_base_marking_site = DB.Column(DB.ForeignKey("gn_monitoring.t_base_sites.id_base_site"))
+    # id_nomenclature_marking_type = DB.Column(
+    #     DB.ForeignKey("ref_nomenclatures.t_nomenclatures.id_nomenclature"), nullable=False
+    # )
+    # marking_location = DB.Column(DB.Unicode(255))
+    # marking_code = DB.Column(DB.Unicode(255))
+    # marking_details = DB.Column(DB.Text)
+
+
+@pytest.fixture
+def nomenclature_type_markings():
+    typ_marquage = db.session.scalar(
+        select(BibNomenclaturesTypes).where(
+            BibNomenclaturesTypes.mnemonique == "TYP_MARQUAGE",
+        )
+    )
+    nomenclature = TNomenclatures(
+        id_type=typ_marquage.id_type,
+        cd_nomenclature="MARQUAGE PEINTURE",
+        label_default="MARQUAGE PEINTURE",
+        label_fr="MARQUAGE PEINTURE",
+        active=True,
+    )
+    with db.session.begin_nested():
+        db.session.add(nomenclature)
+
+    return nomenclature
+
+
+@pytest.fixture
+def markings(users, module, individuals, nomenclature_type_markings):
+    user = users["self_user"]
+    markings = []
+    for individual in individuals:
+        markings.append(
+            TMarkingEvent(
+                id_individual=individual.id_individual,
+                id_module=module.id_module,
+                digitiser=user,
+                operator=user,
+                marking_date="2025-01-01",
+                marking_location="Là bas",
+                marking_code="0007",
+                marking_details="Super super",
+                id_nomenclature_marking_type=nomenclature_type_markings.id_nomenclature,
+            )
+        )
+
+    with db.session.begin_nested():
+        db.session.add_all(markings)
+
+    return markings
+
 
 @pytest.fixture
 def monitoring_individual_perm_object():
@@ -155,3 +227,77 @@ def test_create_one_individual(self, users, module, monitoring_individual_perm_o
         json_resp = response.json
         assert json_resp["cd_nom"] == CD_NOM
         assert json_resp["individual_name"] == individual_name
+
+    def test_model_individual_has_instance_permission(
+        self, app, users, individuals, module, monitoring_individual_perm_object
+    ):
+        set_logged_user_cookie(self.client, users["self_user"])
+        set_permissions(
+            module=module,
+            role=users["self_user"],
+            scope_value=1,
+            action="R",
+            object=monitoring_individual_perm_object,
+        )
+
+        individual = individuals[0]
+        # Scope 0 => toujours Faux
+        assert individual.has_instance_permission(0) == False
+        # Scope 1 => toujours vrai
+        assert individual.has_instance_permission(3) == True
+
+        # Test avec l'utilisateur numérisateur : toujours vrai
+        with app.test_request_context(headers=logged_user_headers(users["self_user"])):
+            app.preprocess_request()
+            assert individual.has_instance_permission(1) == True
+            assert individual.has_instance_permission(2) == True
+
+        # Test avec un utilisateur de la même structure que le numérisateur
+        #   scope 1 => Faux; scope 2 : vrai
+        with app.test_request_context(headers=logged_user_headers(users["associate_user"])):
+            app.preprocess_request()
+            assert individual.has_instance_permission(1) == False
+            assert individual.has_instance_permission(2) == True
+
+        # Test avec un utilisateur d'une autre structure que le numérisateur : toujours faux
+        with app.test_request_context(headers=logged_user_headers(users["stranger_user"])):
+            app.preprocess_request()
+            assert individual.has_instance_permission(1) == False
+            assert individual.has_instance_permission(2) == False
+
+    def test_model_marking_has_instance_permission(
+        self, app, users, markings, module, monitoring_individual_perm_object
+    ):
+        set_logged_user_cookie(self.client, users["self_user"])
+        set_permissions(
+            module=module,
+            role=users["self_user"],
+            scope_value=1,
+            action="R",
+            object=monitoring_individual_perm_object,
+        )
+
+        marking = markings[0]
+        # Scope 0 => toujours Faux
+        assert marking.has_instance_permission(0) == False
+        # Scope 1 => toujours vrai
+        assert marking.has_instance_permission(3) == True
+
+        # Test avec l'utilisateur numérisateur : toujours vrai
+        with app.test_request_context(headers=logged_user_headers(users["self_user"])):
+            app.preprocess_request()
+            assert marking.has_instance_permission(1) == True
+            assert marking.has_instance_permission(2) == True
+
+        # Test avec un utilisateur de la même structure que le numérisateur
+        #   scope 1 => Faux; scope 2 : vrai
+        with app.test_request_context(headers=logged_user_headers(users["associate_user"])):
+            app.preprocess_request()
+            assert marking.has_instance_permission(1) == False
+            assert marking.has_instance_permission(2) == True
+
+        # Test avec un utilisateur d'une autre structure que le numérisateur : toujours faux
+        with app.test_request_context(headers=logged_user_headers(users["stranger_user"])):
+            app.preprocess_request()
+            assert marking.has_instance_permission(1) == False
+            assert marking.has_instance_permission(2) == False