class TestSchema(StoredObject):
_id = StringField(primary=True)
# Simple fields
intfield = IntegerField(list=False, validate=True)
floatfield = FloatField(list=False, validate=True)
boolfield = BooleanField(list=False, validate=True)
datetimefield = DateTimeField(list=False, validate=True)
stringfield = StringField(list=False, validate=True)
regexfield = StringField(list=False, validate=RegexValidator('^foo$'))
urlfield = StringField(list=False, validate=URLValidator())
int_min_field = IntegerField(validate=MinValueValidator(3))
int_max_field = IntegerField(validate=MaxValueValidator(15))
string_min_field = StringField(validate=MinLengthValidator(3))
string_max_field = StringField(validate=MaxLengthValidator(15))
# List fields
# int_list = IntegerField(list=True, validate=MinValueValidator(3))
# float_list = FloatField(list=True, validate=True)
# bool_list = BooleanField(list=True, validate=True)
# datetime_list = DateTimeField(list=True, default=[])
# string_list = StringField(list=True, validate=True)
_meta = {'optimistic': True}
def test_min_and_max_value_list(self):
'''
Assert that a list with MinLengthValidator(x) and
MaxLengthValidator(y) cannot
be saved with a length less than x or
a length greater than y
'''
list_of_list_for_min_max = [
['whoa'],
[2,4,0,],
[17,],
[5,5,5,5,],
[5,5,5,5,6,7,8,9,11,12,],
]
Schema = create_schema(
'min_max_value_schema',
field=IntegerField(
list=True,
validate=[MinValueValidator(5), MaxValueValidator(15)],
list_validate=[MinLengthValidator(5), MaxLengthValidator(7)],
)
)
test_row=Schema()
for test_list in list_of_list_for_min_max:
test_row.field = test_list
self.assertRaises(Exception, test_row.save)
def test_validate_min_value_list(self):
'''
Assert that a list with MinLengthValidator(n) cannot
be saved with a value less than n.
'''
list_of_list_for_min = [
['whoa'],
[2,4,0,],
[2,3,4,5,],
[2,3,4,5,6,7,8,9,11,12,],
]
Schema = create_schema(
'min_value_schema',
field=IntegerField(
list=True,
validate=MinValueValidator(5),
list_validate=[MinLengthValidator(5), MaxLengthValidator(7)]
)
)
test_row = Schema()
for test_list in list_of_list_for_min:
test_row.field = test_list
self.assertRaises(Exception, test_row.save)
def test_validate_max_length_list(self):
'''
Assert that a list with MaxLengthValidator(n) cannot
be saved with a length greater than n.
'''
list_of_items_for_max = [
[
1,
2,
3,
4,
5,
],
[
'whoaaaaa',
'whoaaaaa',
],
[
'awesome',
'aweseome',
'awesome',
'awesome',
],
[
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
],
]
Schema = create_schema(
'max_length_schema',
field=StringField(
list=True,
validate=MaxLengthValidator(7),
list_validate=[MinLengthValidator(5),
MaxLengthValidator(7)]))
# import pdb; pdb.set_trace()
test_row = Schema()
class Foo(StoredObject):
_id = IntegerField()
test_field_max = IntegerField(list=True,
list_validate=[
MaxLengthValidator(5),
])
test_field_min = IntegerField(list=True,
list_validate=[
MinLengthValidator(3),
])
class Foo(StoredObject):
_id = IntegerField()
test_field_max = StringField(list=False,
validate=[
MaxLengthValidator(5),
])
test_field_min = StringField(list=False,
validate=[
MinLengthValidator(5),
])
def test_validate_min_length_list(self):
'''
Assert that a list with MinLengthValidator(n) cannot
be saved with a length less than n.
'''
list_of_items_for_min = [
[
1,
2,
3,
4,
5,
],
[
'whoa',
'whoa',
],
[
'awesome',
'awesome',
'awesome',
'awesome',
],
[
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
'awesome',
],
]
Schema = create_schema(
'min_length_schema',
field=StringField(
list=True,
validate=MinLengthValidator(5),
list_validate=[MinLengthValidator(5),
MaxLengthValidator(7)]))
test_row = Schema()
for test_list in list_of_items_for_min:
test_row.field = test_list
self.assertRaises(Exception, test_row.save)
class Retraction(EmailApprovableSanction):
"""
Retraction object for public registrations.
Externally (specifically in user-facing language) retractions should be referred to as "Withdrawals", i.e.
"Retract Registration" -> "Withdraw Registration", "Retracted" -> "Withdrawn", etc.
"""
DISPLAY_NAME = 'Retraction'
SHORT_NAME = 'retraction'
AUTHORIZER_NOTIFY_EMAIL_TEMPLATE = mails.PENDING_RETRACTION_ADMIN
NON_AUTHORIZER_NOTIFY_EMAIL_TEMPLATE = mails.PENDING_RETRACTION_NON_ADMIN
VIEW_URL_TEMPLATE = VIEW_PROJECT_URL_TEMPLATE
APPROVE_URL_TEMPLATE = settings.DOMAIN + 'project/{node_id}/?token={token}'
REJECT_URL_TEMPLATE = settings.DOMAIN + 'project/{node_id}/?token={token}'
initiated_by = fields.ForeignField('user', backref='initiated')
justification = fields.StringField(default=None,
validate=MaxLengthValidator(2048))
def __repr__(self):
from website.project.model import Node
parent_registration = None
try:
parent_registration = Node.find_one(Q('retraction', 'eq', self))
except NoResultsFound:
pass
return ('<Retraction(parent_registration={0}, initiated_by={1}) '
'with _id {2}>').format(parent_registration, self.initiated_by,
self._id)
def _view_url_context(self, user_id, node):
from website.project.model import Node
registration = Node.find_one(Q('retraction', 'eq', self))
return {'node_id': registration._id}
def _approval_url_context(self, user_id):
user_approval_state = self.approval_state.get(user_id, {})
approval_token = user_approval_state.get('approval_token')
if approval_token:
from website.project.model import Node
root_registration = Node.find_one(Q('retraction', 'eq', self))
node_id = user_approval_state.get('node_id', root_registration._id)
return {
'node_id': node_id,
'token': approval_token,
}
def _rejection_url_context(self, user_id):
user_approval_state = self.approval_state.get(user_id, {})
rejection_token = user_approval_state.get('rejection_token')
if rejection_token:
from website.project.model import Node
root_registration = Node.find_one(Q('retraction', 'eq', self))
node_id = user_approval_state.get('node_id', root_registration._id)
registration = Node.load(node_id)
return {
'node_id': registration.registered_from._id,
'token': rejection_token,
}
def _email_template_context(self,
user,
node,
is_authorizer=False,
urls=None):
urls = urls or self.stashed_urls.get(user._id, {})
registration_link = urls.get('view', self._view_url(user._id, node))
if is_authorizer:
from website.project.model import Node
approval_link = urls.get('approve', '')
disapproval_link = urls.get('reject', '')
approval_time_span = settings.RETRACTION_PENDING_TIME.days * 24
registration = Node.find_one(Q('retraction', 'eq', self))
return {
'is_initiator': self.initiated_by == user,
'initiated_by': self.initiated_by.fullname,
'project_name': registration.title,
'registration_link': registration_link,
'approval_link': approval_link,
'disapproval_link': disapproval_link,
'approval_time_span': approval_time_span,
}
else:
return {
'initiated_by': self.initiated_by.fullname,
'registration_link': registration_link,
}
def _on_reject(self, user):
from website.project.model import Node, NodeLog
parent_registration = Node.find_one(Q('retraction', 'eq', self))
parent_registration.registered_from.add_log(
action=NodeLog.RETRACTION_CANCELLED,
params={
'node': parent_registration._id,
'retraction_id': self._id,
},
auth=Auth(user),
save=True,
)
def _on_complete(self, user):
from website.project.model import Node, NodeLog
parent_registration = Node.find_one(Q('retraction', 'eq', self))
parent_registration.registered_from.add_log(
action=NodeLog.RETRACTION_APPROVED,
params={
'node': parent_registration._id,
'retraction_id': self._id,
},
auth=Auth(self.initiated_by),
)
# Remove any embargoes associated with the registration
if parent_registration.embargo_end_date or parent_registration.is_pending_embargo:
parent_registration.embargo.state = self.REJECTED
parent_registration.registered_from.add_log(
action=NodeLog.EMBARGO_CANCELLED,
params={
'node': parent_registration._id,
'embargo_id': parent_registration.embargo._id,
},
auth=Auth(self.initiated_by),
)
parent_registration.embargo.save()
# Ensure retracted registration is public
# Pass auth=None because the registration initiator may not be
# an admin on components (component admins had the opportunity
# to disapprove the retraction by this point)
for node in parent_registration.node_and_primary_descendants():
node.set_privacy('public', auth=None, save=True, log=False)
node.update_search()
def approve_retraction(self, user, token):
self.approve(user, token)
def disapprove_retraction(self, user, token):
self.reject(user, token)
class ApiOAuth2Application(StoredObject):
"""Registration and key for user-created OAuth API applications
This collection is also used by CAS to create the master list of available applications.
Any changes made to field names in this model must be echoed in the CAS implementation.
"""
_id = fields.StringField(primary=True, default=lambda: str(ObjectId()))
# Client ID and secret. Use separate ID field so ID format doesn't have to be restricted to database internals.
client_id = fields.StringField(
default=lambda: uuid.uuid4().
hex, # Not *guaranteed* unique, but very unlikely
unique=True,
index=True)
client_secret = fields.StringField(default=generate_client_secret)
is_active = fields.BooleanField(
default=True, # Set to False if application is deactivated
index=True)
owner = fields.ForeignField('User', index=True, required=True)
# User-specified application descriptors
name = fields.StringField(
index=True,
required=True,
validate=[string_required, MaxLengthValidator(200)])
description = fields.StringField(required=False,
validate=MaxLengthValidator(1000))
date_created = fields.DateTimeField(auto_now_add=True, editable=False)
home_url = fields.StringField(required=True, validate=URLValidator())
callback_url = fields.StringField(required=True, validate=URLValidator())
def deactivate(self, save=False):
"""
Deactivate an ApiOAuth2Application
Does not delete the database record, but revokes all tokens and sets a flag that hides this instance from API
"""
client = cas.get_client()
# Will raise a CasHttpError if deletion fails, which will also stop setting of active=False.
resp = client.revoke_application_tokens(self.client_id,
self.client_secret) # noqa
self.is_active = False
if save:
self.save()
return True
def reset_secret(self, save=False):
"""
Reset the secret of an ApiOAuth2Application
Revokes all tokens
"""
client = cas.get_client()
client.revoke_application_tokens(self.client_id, self.client_secret)
self.client_secret = generate_client_secret()
if save:
self.save()
return True
@property
def url(self):
return '/settings/applications/{}/'.format(self.client_id)
@property
def absolute_url(self):
return urlparse.urljoin(settings.DOMAIN, self.url)
# Properties used by Django and DRF "Links: self" field
@property
def absolute_api_v2_url(self):
path = '/applications/{}/'.format(self.client_id)
return api_v2_url(path)
# used by django and DRF
def get_absolute_url(self):
return self.absolute_api_v2_url
class Foo(StoredObject):
_id = IntegerField()
test_field = StringField(list=True,
validate=MaxLengthValidator(3),
list_validate=MinLengthValidator(3))