Remove viewer user from API tests

temba/api/v2/tests/test_archives.py

@@ -11,7 +11,7 @@ class ArchivesEndpointTest(APITest):
     def test_endpoint(self):
         endpoint_url = reverse("api.v2.archives") + ".json"
 
-        self.assertGetNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertGetNotPermitted(endpoint_url, [None, self.agent])
         self.assertPostNotAllowed(endpoint_url)
         self.assertDeleteNotAllowed(endpoint_url)
 

temba/api/v2/tests/test_base.py

@@ -238,12 +238,12 @@ def test_explorer(self):
         response = self.client.get(explorer_url)
         self.assertLoginRedirect(response)
 
-        # viewers can't access
-        self.login(self.user)
+        # agents can't access
+        self.login(self.agent)
         response = self.client.get(explorer_url)
         self.assertLoginRedirect(response)
 
-        # editors and administrators can
+        # editors and administrators can access
         self.login(self.editor)
         response = self.client.get(explorer_url)
         self.assertEqual(200, response.status_code)

temba/api/v2/tests/test_boundaries.py

@@ -24,7 +24,7 @@ def test_endpoint(self):
 
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[
                 {
                     "osm_id": "1708283",

temba/api/v2/tests/test_broadcasts.py

@@ -17,7 +17,7 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.broadcasts") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         self.create_channel("FBA", "Facebook Channel", "billy_bob")
@@ -56,7 +56,7 @@ def test_endpoint(self, mr_mocks):
         # no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[bcast4, bcast3, bcast2, bcast1],
             num_queries=self.BASE_SESSION_QUERIES + 4,
         )

temba/api/v2/tests/test_channel_events.py

@@ -27,7 +27,7 @@ def test_endpoint(self):
         # no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[call4, call3, call2, call1],
             num_queries=self.BASE_SESSION_QUERIES + 3,
         )

temba/api/v2/tests/test_channels.py

@@ -25,7 +25,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[
                 {
                     "uuid": str(facebook.uuid),

temba/api/v2/tests/test_classifiers.py

@@ -33,7 +33,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[
                 {
                     "name": "Booker",
@@ -50,4 +50,4 @@ def test_endpoint(self):
         self.assertGet(endpoint_url + "?uuid=09d23a05-47fe-11e4-bfe9-b8f6b119e9ab", [self.editor], results=[])
 
         # filter by uuid present
-        self.assertGet(endpoint_url + f"?uuid={c1.uuid}", [self.user, self.editor, self.admin], results=[c1])
+        self.assertGet(endpoint_url + f"?uuid={c1.uuid}", [self.editor, self.admin], results=[c1])

temba/api/v2/tests/test_contact_actions.py

@@ -16,7 +16,7 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.contact_actions") + ".json"
 
         self.assertGetNotAllowed(endpoint_url)
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None])
         self.assertDeleteNotAllowed(endpoint_url)
 
         for contact in Contact.objects.all():
@@ -29,8 +29,8 @@ def test_endpoint(self, mr_mocks):
         contact3 = self.create_contact("Cat", phone="+250788000003")
         contact4 = self.create_contact("Don", phone="+250788000004")  # a blocked contact
         contact5 = self.create_contact("Eve", phone="+250788000005")  # a deleted contact
-        contact4.block(self.user)
-        contact5.release(self.user)
+        contact4.block(self.editor)
+        contact5.release(self.editor)
 
         group = self.create_group("Testers")
         self.create_field("isdeveloper", "Is developer")

temba/api/v2/tests/test_contacts.py

@@ -23,8 +23,8 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.contacts") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
-        self.assertDeleteNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None])
+        self.assertDeleteNotPermitted(endpoint_url, [None, self.agent])
 
         # create some more contacts (in addition to Joe and Frank)
         contact1 = self.create_contact(
@@ -36,9 +36,9 @@ def test_endpoint(self, mr_mocks):
             "Don", phone="0788000004", language="fra", fields={"nickname": "Donnie", "gender": "male"}
         )
 
-        contact1.stop(self.user)
-        contact2.block(self.user)
-        contact3.release(self.user)
+        contact1.stop(self.editor)
+        contact2.block(self.editor)
+        contact3.release(self.editor)
 
         # put some contacts in a group
         group = self.create_group("Customers", contacts=[self.joe, contact4])
@@ -64,7 +64,7 @@ def test_endpoint(self, mr_mocks):
         # no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin, self.agent],
+            [self.editor, self.admin, self.agent],
             results=[contact4, self.joe, contact2, contact1, self.frank],
             num_queries=self.BASE_SESSION_QUERIES + 7,
         )
@@ -100,7 +100,7 @@ def test_endpoint(self, mr_mocks):
         # with expanded URNs
         response = self.assertGet(
             endpoint_url + "?expand_urns=true",
-            [self.user],
+            [self.editor],
             results=[contact4, self.joe, contact2, contact1, self.frank],
         )
         self.assertEqual(
@@ -133,14 +133,14 @@ def test_endpoint(self, mr_mocks):
         # reversed
         response = self.assertGet(
             endpoint_url + "?reverse=true",
-            [self.user],
+            [self.editor],
             results=[self.frank, contact1, contact2, self.joe, contact4],
         )
 
         with self.anonymous(self.org):
             response = self.assertGet(
                 endpoint_url,
-                [self.user, self.editor, self.admin, self.agent],
+                [self.editor, self.admin, self.agent],
                 results=[contact4, self.joe, contact2, contact1, self.frank],
                 num_queries=self.BASE_SESSION_QUERIES + 7,
             )
@@ -168,7 +168,7 @@ def test_endpoint(self, mr_mocks):
             # with expanded URNs
             response = self.assertGet(
                 endpoint_url + "?expand_urns=true",
-                [self.user],
+                [self.editor],
                 results=[contact4, self.joe, contact2, contact1, self.frank],
             )
             self.assertEqual(
@@ -497,7 +497,7 @@ def test_endpoint(self, mr_mocks):
         self.assertEqual(jean.urns.count(), 100)
 
         # try to move a blocked contact into a group
-        jean.block(self.user)
+        jean.block(self.editor)
         self.assertPost(
             endpoint_url + f"?uuid={jean.uuid}",
             self.editor,

temba/api/v2/tests/test_fields.py

@@ -13,7 +13,7 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.fields") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         nick_name = self.create_field("nick_name", "Nick Name", agent_access=ContactField.ACCESS_EDIT)
@@ -43,7 +43,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {
                     "key": "registered",

temba/api/v2/tests/test_flow_starts.py

@@ -14,7 +14,7 @@ def test_endpoint(self, mock_async_start):
         endpoint_url = reverse("api.v2.flow_starts") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.agent, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         flow = self.create_flow("Test")
@@ -226,7 +226,7 @@ def test_endpoint(self, mock_async_start):
         # check fetching with no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[start4, start3, start2, start1],
             num_queries=self.BASE_SESSION_QUERIES + 5,
         )

temba/api/v2/tests/test_flows.py

@@ -40,7 +40,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {
                     "uuid": archived.uuid,

temba/api/v2/tests/test_globals.py

@@ -13,7 +13,7 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.globals") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         # create some globals
@@ -29,7 +29,7 @@ def test_endpoint(self):
         # check no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {
                     "key": "access_token",

temba/api/v2/tests/test_groups.py

@@ -16,8 +16,8 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.groups") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user, self.agent])
-        self.assertDeleteNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
+        self.assertDeleteNotPermitted(endpoint_url, [None, self.agent])
 
         frank = self.create_contact("Frank", urns=["facebook:123456"])
         self.create_field("isdeveloper", "Is developer")
@@ -38,7 +38,7 @@ def test_endpoint(self, mr_mocks):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {
                     "uuid": dynamic.uuid,

temba/api/v2/tests/test_labels.py

@@ -11,8 +11,8 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.labels") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user, self.agent])
-        self.assertDeleteNotPermitted(endpoint_url + "?uuid=123", [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
+        self.assertDeleteNotPermitted(endpoint_url + "?uuid=123", [None, self.agent])
 
         frank = self.create_contact("Frank", urns=["tel:123456"])
         important = self.create_label("Important")
@@ -31,7 +31,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {"uuid": str(feedback.uuid), "name": "Feedback", "count": 0},
                 {"uuid": str(important.uuid), "name": "Important", "count": 1},

temba/api/v2/tests/test_media.py

@@ -15,7 +15,7 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.media") + ".json"
 
         self.assertGetNotAllowed(endpoint_url)
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None])
         self.assertDeleteNotAllowed(endpoint_url)
 
         def upload(user, filename: str):

temba/api/v2/tests/test_message_actions.py

@@ -10,7 +10,7 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.message_actions") + ".json"
 
         self.assertGetNotAllowed(endpoint_url)
-        self.assertPostNotPermitted(endpoint_url, [None, self.user, self.agent])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         # create some messages to act on

temba/api/v2/tests/test_messages.py

@@ -17,7 +17,7 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.messages") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None])
         self.assertDeleteNotAllowed(endpoint_url)
 
         joe = self.create_contact("Joe Blow", phone="+250788123123")
@@ -69,7 +69,7 @@ def test_endpoint(self, mr_mocks):
         # default response is all messages sorted by created_on
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor, self.admin],
+            [self.editor, self.admin],
             results=[joe_msg4, frank_msg4, frank_msg3, joe_msg3, frank_msg2, joe_msg2, frank_msg1, joe_msg1],
             num_queries=self.BASE_SESSION_QUERIES + 6,
         )
@@ -153,7 +153,9 @@ def test_endpoint(self, mr_mocks):
         )
 
         # filter by broadcast
-        broadcast = self.create_broadcast(self.user, {"eng": {"text": "A beautiful broadcast"}}, contacts=[joe, frank])
+        broadcast = self.create_broadcast(
+            self.editor, {"eng": {"text": "A beautiful broadcast"}}, contacts=[joe, frank]
+        )
         self.assertGet(
             endpoint_url + f"?broadcast={broadcast.id}",
             [self.editor],

temba/api/v2/tests/test_optins.py

@@ -12,7 +12,7 @@ def test_endpoint(self):
         endpoint_url = reverse("api.v2.optins") + ".json"
 
         self.assertGetNotPermitted(endpoint_url, [None, self.agent])
-        self.assertPostNotPermitted(endpoint_url, [None, self.agent, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None, self.agent])
         self.assertDeleteNotAllowed(endpoint_url)
 
         # create some optins
@@ -23,7 +23,7 @@ def test_endpoint(self):
         # no filtering
         self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[
                 {
                     "uuid": str(offers.uuid),

temba/api/v2/tests/test_resthooks.py

@@ -12,15 +12,15 @@ def test_endpoint(self):
         subs_url = reverse("api.v2.resthook_subscribers") + ".json"
         events_url = reverse("api.v2.resthook_events") + ".json"
 
-        self.assertGetNotPermitted(hooks_url, [None, self.agent, self.user])
+        self.assertGetNotPermitted(hooks_url, [None, self.agent])
         self.assertPostNotAllowed(hooks_url)
         self.assertDeleteNotAllowed(hooks_url)
 
-        self.assertGetNotPermitted(subs_url, [None, self.agent, self.user])
-        self.assertPostNotPermitted(subs_url, [None, self.agent, self.user])
-        self.assertDeleteNotPermitted(subs_url, [None, self.agent, self.user])
+        self.assertGetNotPermitted(subs_url, [None, self.agent])
+        self.assertPostNotPermitted(subs_url, [None, self.agent])
+        self.assertDeleteNotPermitted(subs_url, [None, self.agent])
 
-        self.assertGetNotPermitted(events_url, [None, self.agent, self.user])
+        self.assertGetNotPermitted(events_url, [None, self.agent])
         self.assertPostNotAllowed(events_url)
         self.assertDeleteNotAllowed(events_url)
 

temba/api/v2/tests/test_runs.py

@@ -18,7 +18,7 @@ def test_endpoint(self):
         self.assertDeleteNotAllowed(endpoint_url)
 
         flow1 = self.get_flow("color_v13")
-        flow2 = flow1.clone(self.user)
+        flow2 = flow1.clone(self.editor)
 
         flow1_nodes = flow1.get_definition()["nodes"]
         color_prompt = flow1_nodes[0]
@@ -77,7 +77,7 @@ def test_endpoint(self):
         # no filtering
         response = self.assertGet(
             endpoint_url,
-            [self.user, self.editor],
+            [self.editor, self.admin],
             results=[joe_run3, joe_run2, frank_run2, frank_run1, joe_run1],
             num_queries=self.BASE_SESSION_QUERIES + 6,
         )

temba/api/v2/tests/test_ticket_actions.py

@@ -14,7 +14,7 @@ def test_endpoint(self, mr_mocks):
         endpoint_url = reverse("api.v2.ticket_actions") + ".json"
 
         self.assertGetNotAllowed(endpoint_url)
-        self.assertPostNotPermitted(endpoint_url, [None, self.user])
+        self.assertPostNotPermitted(endpoint_url, [None])
         self.assertDeleteNotAllowed(endpoint_url)
 
         # create some tickets