def test_view(app, client, zope_auth, user, request_args, expect_errors,
status_code):
if user:
create_user(user)
zope_auth.update({'user_id': user})
resp = client.get(request_args, expect_errors=expect_errors)
assert resp.status_code == status_code
def test_save_in_user_check_permission():
assert Role.query.all() == []
create_user()
role = Role.query.filter_by(name=app.config["USER_ROLE"])
assert role.count() == 1
with app.test_client() as c:
assert getattr(g, "user", False) == False
user = User.query.filter_by(email="*****@*****.**").first()
assert user is not None
user.set_password("test").save()
Permissions.create(name="test_permissions")
role = user.role
role.permissions.append(Permissions(name="test_permissions_in_role"))
role.save()
login(c, "*****@*****.**", "test")
assert getattr(g, "user").email == "*****@*****.**"
c.get(url_for("account.sessions"))
g_user = getattr(g, "user")
assert g_user.email == "*****@*****.**"
assert check_permission("test_permissions") == False
assert check_permission("test_permissions_in_role") == True
def test_non_auth_view(app, setup, client, request_args, search_text):
create_user('testuser')
create_user('otheruser')
resp = client.get(*request_args)
assert resp.status_code == 200
assert resp.content_type == 'text/html'
assert resp.html.find(id='active-wiki').text.strip() == search_text
def test_admin_creates_local(app, zope_auth, client, outbox, ldap_user_info):
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
create_user('ze_admin', ['admin'])
zope_auth['user_id'] = 'ze_admin'
DatasetFactory()
models.db.session.commit()
register_page = client.get(flask.url_for('auth.admin_create_local'))
register_page.form['id'] = 'foo'
register_page.form['email'] = '*****@*****.**'
register_page.form['password'] = '******'
register_page.form['name'] = 'foo me'
register_page.form['institution'] = 'foo institution'
with patch('eea_integration.auth.zope_acl_manager.create') as create_in_zope:
result_page = register_page.form.submit().follow()
assert create_in_zope.call_count == 1
assert "User foo created successfully." in result_page
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is not None
assert foo_user.active
assert not foo_user.is_ldap
assert foo_user.password.startswith('{SSHA}')
assert len(outbox) == 1
message = outbox.pop()
assert 'Dear foo me,' in message.body
assert '"foo"' in message.body
assert '"p455w4rd"' in message.body
def test_non_auth_view(app, setup, client, request_args, search_text):
create_user('testuser')
create_user('otheruser')
resp = client.get(*request_args)
assert resp.status_code == 200
assert resp.content_type == 'text/html'
assert resp.html.find(id='active-wiki').text.strip() == search_text
def test_email_notification_for_role_changes(app, zope_auth, client, outbox):
from .factories import DatasetFactory
create_user('ze_admin', ['admin'])
foo = create_user('foo', ['etc', 'stakeholder'], name="Foo Person")
DatasetFactory()
models.db.session.commit()
zope_auth.update({'user_id': 'ze_admin'})
page = client.get(flask.url_for('auth.admin_user', user_id='foo'))
page.form['roles'] = ['stakeholder', 'nat']
page.form['name'] = "Foo Person"
page.form['email'] = "*****@*****.**"
page.form['institution'] = "Foo Institution"
page.form.submit()
assert len(outbox) == 0
page.form['roles'] = ['etc', 'stakeholder']
page.form['name'] = "Foo Person"
page.form['email'] = "*****@*****.**"
page.form['institution'] = "Foo Institution"
page.form['notify_user'] = True
page.form.submit()
assert len(outbox) == 1
[msg] = outbox
assert msg.recipients == ['*****@*****.**']
assert "* European topic center" in msg.body
assert "* Stakeholder" in msg.body
def test_view(app, client, set_auth, user, request_args, expect_errors,
status_code):
if user:
create_user(user)
force_login(client, user)
resp = client.get(request_args, expect_errors=expect_errors)
assert resp.status_code == status_code
def test_email_notification_for_role_changes(app, set_auth, client, outbox):
from .factories import DatasetFactory
create_user('ze_admin', ['admin'])
create_user('foo', ['etc', 'stakeholder'], name="Foo Person")
DatasetFactory()
models.db.session.commit()
force_login(client, 'ze_admin')
page = client.get(flask.url_for('auth.admin_user', user_id='foo'))
page.form['roles'] = ['stakeholder', 'nat']
page.form['name'] = "Foo Person"
page.form['email'] = "*****@*****.**"
page.form['institution'] = "Foo Institution"
page.form.submit()
assert len(outbox) == 0
page.form['roles'] = ['etc', 'stakeholder']
page.form['name'] = "Foo Person"
page.form['email'] = "*****@*****.**"
page.form['institution'] = "Foo Institution"
page.form['notify_user'] = True
page.form.submit()
assert len(outbox) == 1
[msg] = outbox
assert msg.recipients == ['*****@*****.**']
assert "* European topic center" in msg.body
assert "* Stakeholder" in msg.body
def test_autofill_conclusion_form(app, client, zope_auth, setup_autofill,
request_args, user):
create_user(user, ['stakeholder'])
zope_auth.update({'user_id': user})
resp = client.get(*get_request_params('get', request_args))
form = resp.forms[1]
assert form['range_surface_area'].value == '100'
# assert form['method_range'].value == '2GD'
# assert form['conclusion_range'].value == 'FV'
form['complementary_favourable_range'] = '200~~'
resp = form.submit()
form = resp.forms[1]
assert form['range_surface_area'].value == '100'
# assert form['method_range'].value == '2GD'
# assert form['conclusion_range'].value == 'FV'
assert form['complementary_favourable_range'].value == '200~~'
assert 'form-error-td' in resp.html.find(
id='complementary_favourable_range').parent.get('class')
assert resp.html.find('li', {'class': 'flashmessage'}).text == \
'Please correct the errors below and try again.'
def test_admin_creates_local(app, set_auth, client, outbox, ldap_user_info):
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
create_user('ze_admin', ['admin'])
force_login(client, 'ze_admin')
DatasetFactory()
models.db.session.commit()
register_page = client.get(flask.url_for('auth.admin_create_local'))
register_page.form['id'] = 'foo'
register_page.form['email'] = '*****@*****.**'
register_page.form['password'] = '******'
register_page.form['name'] = 'foo me'
register_page.form['institution'] = 'foo institution'
result_page = register_page.form.submit().follow()
assert "User foo created successfully." in result_page
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is not None
assert foo_user.active
assert not foo_user.is_ldap
assert foo_user.password.startswith('{SSHA}')
assert len(outbox) == 1
message = outbox.pop()
assert 'Dear foo me,' in message.body
assert '"foo"' in message.body
assert '"p455w4rd"' in message.body
def test_toggle_del(app, setup, zope_auth, client):
create_user('testuser')
set_user('testuser')
initial_value = get_instance(WikiComment, id=1).deleted or 0
client.get('/species/summary/datasheet/manage_comment/', {
'comment_id': 1, 'toggle': 'del', 'period': '1'})
assert get_instance(WikiComment, id=1).deleted == 1 - initial_value
def test_404_error(app, setup, zope_auth, client, request_type, request_args,
post_params):
create_user('otheruser')
set_user('otheruser')
resp = getattr(client, request_type)(*get_request_params(
request_type, request_args, post_params), expect_errors=True)
assert resp.status_code == 404
def test_edit_comment(app, setup, zope_auth, client):
create_user('testuser', role_names=['stakeholder'])
set_user('testuser')
client.post(*get_request_params(
'post', ['/species/summary/datasheet/edit_comment/', {
'period': '1', 'subject': 'Canis lupus', 'region': '',
'comment_id': 1}], {'comment': 'Test edit comment.'}))
assert get_instance(WikiComment, id=1).comment == 'Test edit comment.'
def test_autofill_conclusion_form(app, client, set_auth, setup_autofill,
request_args, user):
create_user(user, ['stakeholder'])
force_login(client, user)
resp = client.get(*get_request_params('get', request_args))
form = resp.context['manual_form']
assert form.conclusion_assessment_prev.data == 'FV'
def test_hide_adm_etc_username(app, setup, zope_auth, client, roles):
create_user('testuser', roles, 'Secret Name', 'Test Insitution')
create_user('otheruser')
set_user('otheruser')
resp = client.get('/species/summary/datasheet/', {
'period': '1', 'subject': 'Canis lupus', 'region': ''})
assert 'Secret Name' not in resp.html.name
def test_get_revision(app, setup, zope_auth, client):
create_user('testuser', role_names=['etc'])
set_user('testuser')
resp = client.get('/species/summary/datasheet/get_revision/', {
'revision_id': 1})
assert (resp.html.text == "The wolf was the world's most widely "
"distributed mammal.")
def test_change_active_revision(app, setup, zope_auth, client):
create_user('otheruser', role_names=['etc'])
set_user('otheruser')
client.post(*get_request_params(
'post', ['/species/summary/datasheet/page_history/', {
'period': '1', 'subject': 'Canis lupus', 'region': ''}],
{'revision_id': 3}))
assert get_instance(WikiChange, id=1).active == 0
assert get_instance(WikiChange, id=3).active == 1
def test_edit_page(app, setup, zope_auth, client):
create_user('testuser', role_names=['etc'])
set_user('testuser')
client.post(*get_request_params(
'post', ['/species/summary/datasheet/edit_page/', {
'period': '1', 'subject': 'Canis lupus', 'region': ''}],
{'text': 'Test edit page.'}))
assert get_instance(WikiChange, id=1).active == 0
assert get_instance(WikiChange, body='Test edit page.').active == 1
def test_unread_conclusion_comments(app, client, set_auth, setup_common, setup,
user, path, args):
create_user(user)
set_auth.update({'user_id': user})
resp = client.get(path, args)
assert resp.status_code == 200
assert 'Unread comments for my conclusions: 2' in resp.text
assert 'Unread comments for all conclusions: 3' in resp.text
assert 'Unread comments for data sheet info: 1' in resp.text
def test_get_revision(app, setup, set_auth, client):
create_user('testuser', role_names=['etc'])
set_user('testuser')
force_login(client, 'testuser')
resp = client.get('/species/summary/datasheet/get_revision/',
{'revision_id': 1})
assert (resp.html.text == "The wolf was the world's most widely "
"distributed mammal.")
def test_unread_conclusion_comments(app, client, zope_auth, setup_common,
setup, user, path, args):
create_user(user)
zope_auth.update({'user_id': user})
resp = client.get(path, args)
assert resp.status_code == 200
assert 'Unread comments for my conclusions: 2' in resp.text
assert 'Unread comments for all conclusions: 3' in resp.text
assert 'Unread comments for data sheet info: 1' in resp.text
def test_perms_auth_user(app, setup, set_auth, client, request_type,
request_args, post_params):
create_user('otheruser')
set_user('otheruser')
resp = getattr(client,
request_type)(*get_request_params(request_type,
request_args,
post_params),
expect_errors=True)
assert resp.status_code == 403
def test_self_registration_flow(app, zope_auth, client, outbox, ldap_user_info):
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
create_user('ze_admin', ['admin'])
DatasetFactory()
models.db.session.commit()
register_page = client.get(flask.url_for('auth.register_local'))
register_page.form['id'] = 'foo'
register_page.form['email'] = '*****@*****.**'
register_page.form['password'] = '******'
register_page.form['name'] = 'foo me'
register_page.form['institution'] = 'foo institution'
result_page = register_page.form.submit()
assert "Confirmation instructions have been sent" in result_page.text
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is None
assert not foo_user.active
assert not foo_user.is_ldap
assert foo_user.password.startswith('{SSHA}')
assert len(outbox) == 1
confirm_message = outbox.pop()
assert 'Dear foo me,' in confirm_message.body
assert '*****@*****.**' in confirm_message.body
url = confirm_message.body.splitlines()[4].strip()
assert url.startswith("http://localhost/confirm/")
with patch('eea_integration.auth.zope_acl_manager.create') as create_in_zope:
client.get(url)
assert create_in_zope.call_count == 1
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.confirmed_at is not None
assert foo_user.active
assert len(outbox) == 1
admin_message = outbox.pop()
assert admin_message.recipients == ['*****@*****.**']
assert "Local user has registered" in admin_message.body
url = admin_message.body.split()[-1]
assert url == 'http://localhost/auth/users/foo'
with patch('eea_integration.auth.zope_acl_manager.delete') as delete_in_zope:
zope_auth['user_id'] = 'ze_admin'
activation_page = client.get(url)
activation_page.form['active'] = False
activation_page.form.submit()
assert delete_in_zope.call_count == 1
foo_user = models.RegisteredUser.query.get('foo')
assert not foo_user.active
def test_toggle_del(app, setup, set_auth, client):
create_user('testuser')
set_user('testuser')
force_login(client, 'testuser')
initial_value = get_instance(WikiComment, id=1).deleted or 0
client.get('/species/summary/datasheet/manage_comment/', {
'comment_id': 1,
'toggle': 'del',
'period': '5'
})
assert get_instance(WikiComment, id=1).deleted == 1 - initial_value
def test_add_conclusion_etc(app, client, set_auth, setup_add, request_args,
post_params, user, MS, roles, model_cls):
create_user(user, roles, ms=MS)
force_login(client, user)
resp = client.post(*get_request_params('post', request_args, post_params))
assert resp.status_code == 200
post_params.pop('submit', None)
manual_ass = model_cls.query.filter_by(**post_params).one()
assert manual_ass.MS == 'EU28'
def test_toggle_read(app, setup, zope_auth, client):
create_user('otheruser')
set_user('otheruser')
def get_value():
return get_instance(WikiComment, id=1) in get_instance(
RegisteredUser, id='otheruser').read_comments
initial_value = get_value()
client.get('/species/summary/datasheet/manage_comment/', {
'comment_id': 1, 'toggle': 'read', 'period': '1'})
assert get_value() is not initial_value
def test_data(app, client, set_auth, setup, user, request_args,
exp_conclusion_fields, exp_comment_fields):
create_user(user)
force_login(client, user)
resp = client.get(request_args)
assert resp.status_code == 200
comments, conclusions = resp.html.find_all('table')
comment_fields = [c.text for c in comments.find_all('td')]
conclusion_fields = [c.text for c in conclusions.find_all('td')]
assert comment_fields == exp_comment_fields
assert conclusion_fields == exp_conclusion_fields
def test_add_conclusion_etc(app, client, zope_auth, setup_add, request_args,
post_params, user, MS, roles, model_cls):
create_user(user, roles, ms=MS)
zope_auth.update({'user_id': user})
resp = client.post(*get_request_params('post', request_args, post_params))
assert resp.status_code == 200
post_params.pop('submit', None)
manual_ass = model_cls.query.filter_by(**post_params).one()
assert manual_ass.MS == 'EU27'
def test_update_decision(app, client, set_auth, setup_decision, request_args,
post_params, user, roles, expect_errors, status_code,
success, message):
create_user(user, roles)
force_login(client, user)
resp = client.post(*get_request_params('post', request_args, post_params),
expect_errors=expect_errors)
assert resp.status_code == status_code
if status_code == 200:
assert resp.json['success'] == success
assert resp.json.get('error', '') == message
def test_add_comment(app, setup, zope_auth, client):
create_user('newuser')
set_user('newuser')
request_data = ('post', ['/species/summary/datasheet/add_comment/', {
'period': '1', 'subject': 'Canis lupus', 'region': ''}],
{'comment': 'Test add comment.'})
client.post(*get_request_params(*request_data))
request_args = request_data[1][1]
wiki = get_instance(Wiki, dataset_id=request_args['period'],
assesment_speciesname=request_args['subject'],
region_code=request_args['region'])
assert request_data[2]['comment'] in [c.comment for c in wiki.comments]
def test_hide_adm_etc_username(app, setup, set_auth, client, roles):
create_user('testuser', roles, 'Secret Name', 'Test Insitution')
create_user('otheruser')
set_user('otheruser')
force_login(client, 'otheruser')
resp = client.get('/species/summary/datasheet/', {
'period': '5',
'subject': 'Canis lupus',
'region': ''
})
assert 'Secret Name' not in resp.html.name
def test_data(app, client, zope_auth, setup, user, request_args,
exp_conclusion_fields, exp_comment_fields):
create_user(user)
zope_auth.update({'user_id': user})
resp = client.get(request_args)
assert resp.status_code == 200
comments, conclusions = resp.html.find_all('table')
comment_fields = [c.text for c in comments.find_all('td')]
conclusion_fields = [c.text for c in conclusions.find_all('td')]
assert comment_fields == exp_comment_fields
assert conclusion_fields == exp_conclusion_fields
def test_view_requires_admin(app, zope_auth, client):
from .factories import DatasetFactory
create_user('ze_admin', ['admin'])
create_user('foo')
DatasetFactory()
models.db.session.commit()
admin_user_url = flask.url_for('auth.admin_user', user_id='foo')
assert client.get(admin_user_url, expect_errors=True).status_code == 403
zope_auth.update({'user_id': 'ze_admin'})
assert client.get(admin_user_url).status_code == 200
def test_update_decision(app, client, zope_auth, setup_decision, request_args,
post_params, user, roles, expect_errors, status_code,
success, message):
create_user(user, roles)
zope_auth.update({'user_id': user})
resp = client.post(*get_request_params('post', request_args, post_params),
expect_errors=expect_errors)
assert resp.status_code == status_code
if status_code == 200:
assert resp.json['success'] == success
assert resp.json.get('error', '') == message
def test_view_requires_admin(app, set_auth, client):
from .factories import DatasetFactory
create_user('ze_admin', ['admin'])
create_user('foo')
DatasetFactory()
models.db.session.commit()
admin_user_url = flask.url_for('auth.admin_user', user_id='foo')
assert client.get(admin_user_url, expect_errors=True).status_code == 403
force_login(client, 'ze_admin')
assert client.get(admin_user_url).status_code == 200
def test_change_active_revision(app, setup, set_auth, client):
create_user('otheruser', role_names=['etc'])
set_user('otheruser')
force_login(client, 'otheruser')
client.post(*get_request_params('post', [
'/species/summary/datasheet/page_history/', {
'period': '5',
'subject': 'Canis lupus',
'region': ''
}
], {'revision_id': 3}))
assert get_instance(WikiChange, id=1).active == 0
assert get_instance(WikiChange, id=3).active == 1
def test_edit_comment(app, setup, set_auth, client):
create_user('testuser', role_names=['stakeholder'])
set_user('testuser')
force_login(client, 'testuser')
client.post(*get_request_params('post', [
'/species/summary/datasheet/edit_comment/', {
'period': '5',
'subject': 'Canis lupus',
'region': '',
'comment_id': 1
}
], {'comment': 'Test edit comment.'}))
assert get_instance(WikiComment, id=1).comment == 'Test edit comment.'
def test_edit_page(app, setup, set_auth, client):
create_user('testuser', role_names=['etc'])
set_user('testuser')
force_login(client, 'testuser')
client.post(*get_request_params('post', [
'/species/summary/datasheet/edit_page/', {
'period': '5',
'subject': 'Canis lupus',
'region': ''
}
], {'text': 'Test edit page.'}))
assert get_instance(WikiChange, id=1).active == 0
assert get_instance(WikiChange, body='Test edit page.').active == 1
def test_self_registration_flow(app, set_auth, client, outbox, ldap_user_info):
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
create_user('ze_admin', ['admin'])
DatasetFactory()
models.db.session.commit()
register_page = client.get(flask.url_for('auth.register_local'))
register_page.form['id'] = 'foo'
register_page.form['email'] = '*****@*****.**'
register_page.form['password'] = '******'
register_page.form['name'] = 'foo me'
register_page.form['institution'] = 'foo institution'
result_page = register_page.form.submit()
assert "Confirmation instructions have been sent" in result_page.text
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is None
assert not foo_user.active
assert not foo_user.is_ldap
assert foo_user.password.startswith('{SSHA}')
assert len(outbox) == 1
confirm_message = outbox.pop()
assert 'Dear foo me,' in confirm_message.body
assert '*****@*****.**' in confirm_message.body
url = confirm_message.body.splitlines()[4].strip()
assert url.startswith("http://localhost/confirm/")
client.get(url)
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.confirmed_at is not None
assert foo_user.active
assert len(outbox) == 1
admin_message = outbox.pop()
assert admin_message.recipients == ['*****@*****.**']
assert "Local user has registered" in admin_message.body
url = admin_message.body.split()[-1]
assert url == 'http://localhost/auth/users/foo'
force_login(client, 'ze_admin')
activation_page = client.get(url)
activation_page.form['active'] = False
activation_page.form.submit()
foo_user = models.RegisteredUser.query.get('foo')
assert not foo_user.active
def test_ldap_account_activation_flow(
app,
zope_auth,
client,
outbox,
ldap_user_info,
):
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
ldap_user_info['foo'] = {'email': '*****@*****.**', 'full_name': 'foo'}
create_user('ze_admin', ['admin'])
DatasetFactory()
models.db.session.commit()
@app.before_request
def set_testing_user():
set_user('foo', is_ldap_user=True)
register_page = client.get(flask.url_for('auth.register_ldap'))
register_page.form['institution'] = 'foo institution'
with patch('eea_integration.auth.zope_acl_manager.create') as create_in_zope:
result_page = register_page.form.submit()
assert create_in_zope.call_count == 0
assert "has been registered" in result_page.text
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is not None
assert foo_user.active
assert foo_user.is_ldap
assert len(outbox) == 1
admin_message = outbox.pop()
assert admin_message.recipients == ['*****@*****.**']
assert "Eionet user has registered" in admin_message.body
url = admin_message.body.split()[-1]
assert url == 'http://localhost/auth/users/foo'
with patch('eea_integration.auth.zope_acl_manager.delete') as delete_in_zope:
zope_auth['user_id'] = 'ze_admin'
activation_page = client.get(url)
activation_page.form['active'] = False
activation_page.form.submit()
assert delete_in_zope.call_count == 0
foo_user = models.RegisteredUser.query.get('foo')
assert not foo_user.active
def test_change_ldap_password(app, set_auth, client):
foo = create_user('foo')
foo.is_ldap = True
models.db.session.commit()
force_login(client, 'foo')
page = client.get(flask.url_for('auth.change_password'))
assert os.environ.get('EEA_PASSWORD_RESET') in page
def test_identity_is_set_from_plone_whoami(app, set_auth, client):
create_user('ze_admin', ['admin'])
@app.route('/identity')
def get_identity():
identity = flask.g.identity
return flask.jsonify(
id=identity.id,
provides=sorted(list(identity.provides)),
)
force_login(client, 'ze_admin')
identity = client.get('/identity').json
assert identity['id'] == 'ze_admin'
assert identity['provides'] == [['id', 'ze_admin'], ['role', 'admin']]
def test_edit_conclusion(app, client, set_auth, setup_edit, request_args,
post_params, user, roles, expect_errors, status_code,
search_text):
create_user(user, roles)
force_login(client, user)
resp = client.post(*get_request_params('post', request_args, post_params),
expect_errors=expect_errors)
assert resp.status_code == status_code
if resp.status_code == 302:
resp = resp.follow()
if search_text:
assert search_text in resp.html.text
def test_unread_conclusion_comments_read_comments(
app, client, zope_auth, setup_common, setup, username, path, args,
comment_cls, wiki_id, read, unread_comments):
user = create_user(username)
zope_auth.update({'user_id': username})
comment = comment_cls(id=10, author_id='user10', region='ALP')
comment_other_conclusion = comment_cls(
id=11, author_id='user11', region='ALP', user_id='conclusion_user')
wiki_comment = factories.WikiCommentFactory(
id=10, author_id='user10', wiki_id=wiki_id)
models.db.session.commit()
if read:
comment.readers.append(user)
comment_other_conclusion.readers.append(user)
wiki_comment.readers.append(user)
models.db.session.commit()
resp = client.get(path, args)
assert resp.status_code == 200
mine, all, dsi = unread_comments
assert 'Unread comments for my conclusions: {0}'.format(mine) in resp.text
assert 'Unread comments for all conclusions: {0}'.format(all) in resp.text
assert 'Unread comments for data sheet info: {0}'.format(dsi) in resp.text
def test_identity_is_set_from_zope_whoami(app, zope_auth, client):
create_user('ze_admin', ['admin'])
@app.route('/identity')
def get_identity():
identity = flask.g.identity
return flask.jsonify(
id=identity.id,
provides=sorted(list(identity.provides)),
)
zope_auth.update({'user_id': 'ze_admin', 'is_ldap_user': False})
identity = client.get('/identity').json
assert identity['id'] == 'ze_admin'
assert identity['provides'] == [['id', 'ze_admin'], ['role', 'admin']]
def test_change_ldap_password(app, zope_auth, client):
foo = create_user('foo')
foo.is_ldap = True
models.db.session.commit()
zope_auth.update({'user_id': 'foo', 'is_ldap_user': True})
page = client.get(flask.url_for('auth.change_password'))
assert "Your password can be changed only from the EIONET website (http://www.eionet.europa.eu/profile)." in page
def test_edit_conclusion(app, client, zope_auth, setup_edit, request_args,
post_params, user, roles, expect_errors, status_code,
search_text):
create_user(user, roles)
zope_auth.update({'user_id': user})
resp = client.post(*get_request_params('post', request_args, post_params),
expect_errors=expect_errors)
assert resp.status_code == status_code
if resp.status_code == 302:
resp = resp.follow()
if search_text:
assert search_text in resp.html.text
def test_unread_conclusion_comments_read_comments(app, client, set_auth,
setup_common, setup,
username, path, args,
comment_cls, wiki_id, read,
unread_comments):
user = create_user(username)
set_auth.update({'user_id': username})
comment = comment_cls(id=10, author_id='user10', region='ALP')
comment_other_conclusion = comment_cls(id=11,
author_id='user11',
region='ALP',
user_id='conclusion_user')
wiki_comment = factories.WikiCommentFactory(id=10,
author_id='user10',
wiki_id=wiki_id)
models.db.session.commit()
if read:
comment.readers.append(user)
comment_other_conclusion.readers.append(user)
wiki_comment.readers.append(user)
models.db.session.commit()
resp = client.get(path, args)
assert resp.status_code == 200
mine, all, dsi = unread_comments
assert 'Unread comments for my conclusions: {0}'.format(mine) in resp.text
assert 'Unread comments for all conclusions: {0}'.format(all) in resp.text
assert 'Unread comments for data sheet info: {0}'.format(dsi) in resp.text
def test_only_admin_or_coordinator_can_edit_course(client, admin_client):
course = Course.objects.create(slug='dbsql', name='A course', abstract='asdf')
professor = create_user('professor')
client.login(username=professor.username, password='******')
response = client.post('/api/course/{}'.format(str(course.id)),
{'id': course.id,
'slug': course.slug,
'abstract': 'A abstract'},
content_type='application/json;charset=UTF-8')
assert response.status_code == 403
assert course.abstract == 'asdf'
mommy.make('CourseProfessor', user=professor, course=course, role='coordinator')
response = client.post('/api/course/{}'.format(str(course.id)), {'id': str(course.id),
'slug': course.slug,
'abstract': 'A abstract'})
changed_course = Course.objects.get(id=course.id)
assert response.status_code == 200
assert changed_course.abstract == 'A abstract'
response = admin_client.post('/api/course/{}'.format(str(course.id)), {'id': str(course.id),
'slug': course.slug,
'abstract': 'Another abstract'})
changed_course = Course.objects.get(id=course.id)
assert response.status_code == 200
assert changed_course.abstract == 'Another abstract'
def test_only_admin_or_coordinator_can_edit_courseprofessors(
client, admin_client):
from core.models import CourseProfessor
import json
course = mommy.make('Course',
slug='dbsql',
name='A course',
abstract='asdf')
professor = create_user('professor')
course_professor = mommy.make('CourseProfessor',
course=course,
biography='asdf')
client.login(username=professor.username, password='******')
response = client.put('/api/course_professor/{}'.format(
str(course_professor.id)), {
'id': course_professor.id,
'biography': 'A biography'
},
content_type='application/json;charset=UTF-8')
assert response.status_code == 403
assert course_professor.biography == 'asdf'
# set user as coordinator
mommy.make('CourseProfessor',
user=professor,
course=course,
role='coordinator')
response = client.put('/api/course_professor/' + str(course_professor.id),
json.dumps({
'id': course_professor.id,
'course': course.id,
'professor': professor.id,
'biography': 'A biography'
}),
content_type='application/json;charset=UTF-8')
changed_course_professor = CourseProfessor.objects.get(
id=course_professor.id)
assert response.status_code == 200
assert changed_course_professor.biography == 'A biography'
response = admin_client.put('/api/course_professor/' +
str(course_professor.id),
json.dumps({
'id':
course_professor.id,
'course':
course.id,
'biography':
'Another biography as admin'
}),
content_type='application/json;charset=UTF-8')
changed_course_professor = CourseProfessor.objects.get(
id=course_professor.id)
assert response.status_code == 200
assert changed_course_professor.biography == 'Another biography as admin'
def test_toggle_read(app, setup, set_auth, client):
create_user('otheruser')
set_user('otheruser')
force_login(client, 'otheruser')
def get_value():
return get_instance(WikiComment,
id=1) in get_instance(RegisteredUser,
id='otheruser').read_comments
initial_value = get_value()
client.get('/species/summary/datasheet/manage_comment/', {
'comment_id': 1,
'toggle': 'read',
'period': '5'
})
assert get_value() is not initial_value
def test_comments(app, client, setup, zope_auth, request_type, request_args,
post_params, user, expect_errors, status_code,
assert_condition):
create_user('testuser')
if user:
if user[0] != 'testuser':
create_user(*user)
zope_auth.update({'user_id': user[0]})
resp = getattr(client, request_type)(*get_request_params(
request_type, request_args, post_params), expect_errors=expect_errors)
assert resp.status_code == status_code
if resp.status_code == 302:
resp = resp.follow()
if assert_condition:
assert eval(assert_condition)
def test_register_users_until_waitinglist(barcamp, app):
users = []
barcamp = app.get_barcamp("test") # retrieve it again to have an event initialized
event = barcamp.event
for i in range(1,6):
user = create_user(app, "user1")
users.append(unicode(user._id))
event.add_participant(user)
user = create_user(app, "user1")
pytest.raises(ParticipantListFull, event.add_participant, user)
barcamp.save()
bc = app.get_barcamp("test")
assert unicode(user._id) not in bc.event.participants
assert unicode(user._id) in bc.event.waiting_list
assert len(bc.event.participants) == 5
assert len(bc.event.waiting_list) == 1
def test_user_courses_cannot_show_assistant_and_coordinator_tabs_for_students(client):
student = create_user('student')
client.login(username=student.username, password='******')
response = client.get('/my-courses/')
assert 'href="#course-as-teacher"' not in response.content
assert 'href="#course-as-coordinator"' not in response.content
def test_register_users_until_waitinglist(barcamp, app):
users = []
barcamp = app.get_barcamp(
"test") # retrieve it again to have an event initialized
event = barcamp.event
for i in range(1, 6):
user = create_user(app, "user1")
users.append(unicode(user._id))
event.add_participant(user)
user = create_user(app, "user1")
pytest.raises(ParticipantListFull, event.add_participant, user)
barcamp.save()
bc = app.get_barcamp("test")
assert unicode(user._id) not in bc.event.participants
assert unicode(user._id) in bc.event.waiting_list
assert len(bc.event.participants) == 5
assert len(bc.event.waiting_list) == 1
def test_count_read_comments_deleted(app, manual_assessment_cls, comment_cls,
deleted, expected_result):
record = manual_assessment_cls()
comment = comment_cls(deleted=deleted)
models.db.session.commit()
user = create_user('someuser')
comment.readers.append(user)
models.db.session.commit()
assert record.comments_count_read('someuser') == expected_result
def test_user_courses_cannot_show_assistant_and_coordinator_tabs_for_students(
client):
student = create_user('student')
client.login(username=student.username, password='******')
response = client.get('/my-courses/')
assert 'href="#course-as-teacher"' not in response.content
assert 'href="#course-as-coordinator"' not in response.content
def test_add_comment(app, setup, set_auth, client):
create_user('newuser')
set_user('newuser')
force_login(client, 'newuser')
request_data = ('post', [
'/species/summary/datasheet/add_comment/', {
'period': '5',
'subject': 'Canis lupus',
'region': ''
}
], {
'comment': 'Test add comment.'
})
client.post(*get_request_params(*request_data))
request_args = request_data[1][1]
wiki = get_instance(Wiki,
dataset_id=request_args['period'],
assesment_speciesname=request_args['subject'],
region_code=request_args['region'])
assert request_data[2]['comment'] in [c.comment for c in wiki.comments]
def test_ldap_account_activation_flow(app, set_auth, client, outbox,
ldap_user_info):
from art17.auth.providers import set_user
from .factories import DatasetFactory
_set_config(admin_email='*****@*****.**')
ldap_user_info['foo'] = {'email': '*****@*****.**', 'full_name': 'foo'}
create_user('ze_admin', ['admin'])
DatasetFactory()
models.db.session.commit()
@app.before_request
def set_testing_user():
set_user('foo', is_ldap_user=True)
register_page = client.get(flask.url_for('auth.register_ldap'))
register_page.form['institution'] = 'foo institution'
result_page = register_page.form.submit()
assert "has been registered" in result_page.text
foo_user = models.RegisteredUser.query.get('foo')
assert foo_user.email == '*****@*****.**'
assert foo_user.confirmed_at is not None
assert foo_user.active
assert foo_user.is_ldap
assert len(outbox) == 1
admin_message = outbox.pop()
assert admin_message.recipients == ['*****@*****.**']
assert "Eionet user has registered" in admin_message.body
url = admin_message.body.split()[-1]
assert url == 'http://localhost/auth/users/foo'
force_login(client, 'ze_admin')
activation_page = client.get(url)
activation_page.form['active'] = False
activation_page.form.submit()
foo_user = models.RegisteredUser.query.get('foo')
assert not foo_user.active
def test_comments(app, client, setup, set_auth, request_type, request_args,
post_params, user, expect_errors, status_code,
assert_condition):
create_user('testuser')
if user:
if user[0] != 'testuser':
create_user(*user)
force_login(client, user[0])
resp = getattr(client,
request_type)(*get_request_params(request_type,
request_args,
post_params),
expect_errors=expect_errors)
assert resp.status_code == status_code
if resp.status_code == 302:
resp = resp.follow()
if assert_condition:
assert eval(assert_condition)
