def test_create_tag_and_tagset(self): """ Creates a Tagset then a Tag within the Tagset """ tsValue = 'testTagset' request_url = reverse("manage_action_containers", args=["addnewcontainer"]) data = {'folder_type': 'tagset', 'name': tsValue} response = post(self.django_client, request_url, data) tagsetId = json.loads(response.content).get("id") # check creation tagset = self.query.get('TagAnnotationI', tagsetId) assert tagset is not None assert tagset.ns.val == omero.constants.metadata.NSINSIGHTTAGSET assert tagset.textValue.val == tsValue # Add tag to the tagset request_url = reverse("manage_action_containers", args=["addnewcontainer", "tagset", tagsetId]) data = {'folder_type': 'tag', 'name': 'tagInTagset'} response2 = post(self.django_client, request_url, data) tagId = json.loads(response2.content).get("id") # Check that tag is listed under tagset... request_url = reverse("api_tags_and_tagged") data = {'id': tagsetId} data = get_json(self.django_client, request_url, data) assert len(data['tags']) == 1 assert data['tags'][0]['id'] == tagId
def test_edit_share(self): # create images images = [ self.create_test_image(session=self.sf), self.create_test_image(session=self.sf) ] sid = self.sf.getShareService().createShare("foobar", rtime(None), images, [self.user], [], True) request_url = reverse("manage_action_containers", args=["save", "share", sid]) data = { 'enable': 'on', 'image': [i.id.val for i in images], 'members': self.user.id.val, 'message': 'another foobar' } post(self.django_client, request_url, data) # remove image from share request_url = reverse("manage_action_containers", args=["removefromshare", "share", sid]) data = { 'source': images[1].id.val, } post(self.django_client, request_url, data)
def test_create_restricted_admin(self, privilege): """Test creation of restricted admin.""" uuid = self.uuid() groupid = self.new_group().id.val request_url = reverse('wamanageexperimenterid', args=["create"]) data = { "omename": uuid, "first_name": uuid, "last_name": uuid, "active": "on", "default_group": groupid, "other_groups": groupid, "password": uuid, "confirmation": uuid, "role": "restricted_administrator" } name, expected = privilege # Enable a single Privilege for this user data[name] = 'on' post(self.django_root_client, request_url, data, status_code=302) admin = self.client.sf.getAdminService() exp = admin.lookupExperimenter(uuid) privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)] assert set(expected) == set(privileges)
def test_create_tag(self): # Create User and Dataset in a Read-Annotate group client, user = self.new_client_and_user(perms='rwrw--') omeName = client.sf.getAdminService().getEventContext().userName django_client = self.new_django_client(omeName, omeName) ds = self.make_dataset("test_create_tag", client=client) tagname = "test_create_tag" desc = "The description of the new tag" request_url = reverse('annotate_tags') data = { 'dataset': ds.id.val, 'filter_mode': 'any', 'filter_owner_mode': 'all', 'index': 0, 'newtags-0-tag': tagname, 'newtags-0-description': desc, 'newtags-INITIAL_FORMS': 0, 'newtags-MAX_NUM_FORMS': 1000, 'newtags-TOTAL_FORMS': 1, 'tags': "", } post(django_client, request_url, data) # Check tag exists on Dataset request_url = reverse('api_annotations') data = {"dataset": ds.id.val} rsp = get_json(django_client, request_url, data) tagNames = [t['textValue'] for t in rsp['annotations']] assert tagNames == [tagname]
def test_attach_file(self): # Due to EOF both posts must be test separately # Bad post img = self.image_with_channels() try: temp = tempfile.NamedTemporaryFile(suffix='.csrf') temp.write("Testing without csrf token") temp.seek(0) request_url = reverse('annotate_file') data = {'image': img.id.val, 'index': 0, 'annotation_file': temp} post(self.django_client, request_url, data) finally: temp.close() # Good post try: temp = tempfile.NamedTemporaryFile(suffix='.csrf') temp.write("Testing csrf token") temp.seek(0) request_url = reverse('annotate_file') data = {'image': img.id.val, 'index': 0, 'annotation_file': temp} post(self.django_client, request_url, data) finally: temp.close()
def test_edit_tag_and_tagset(self, dtype): """ Creates Tag/Tagset and tests editing of name and description """ request_url = reverse("manage_action_containers", args=["addnewcontainer"]) data = {'folder_type': dtype, 'name': 'beforeEdit'} response = post(self.django_client, request_url, data) tagId = json.loads(response.content).get("id") # Edit name request_url = reverse("manage_action_containers", args=["savename", dtype, tagId]) data = {'name': 'afterEdit'} response = post(self.django_client, request_url, data) # Edit description request_url = reverse("manage_action_containers", args=["savedescription", dtype, tagId]) data = {'description': 'New description after editing'} response = post(self.django_client, request_url, data) # check edited name and description tagset = self.query.get('TagAnnotationI', tagId) assert tagset is not None if dtype == "tagset": assert tagset.ns.val == omero.constants.metadata.NSINSIGHTTAGSET assert tagset.textValue.val == 'afterEdit' assert tagset.description.val == 'New description after editing'
def test_batch_add_fileannotations(self, link_count): """Test adding file annotation to Project(s).""" client, user = self.new_client_and_user(perms='rwrw--') omeName = client.sf.getAdminService().getEventContext().userName django_client1 = self.new_django_client(omeName, omeName) # User creates 2 Projects pr1 = self.make_project("test_batch_file_ann1", client=client) pr2 = self.make_project("test_batch_file_ann2", client=client) pr_ids = [pr1.id.val, pr2.id.val] # Create File and FileAnnotation fname = "fname_%s" % client.getSessionId() update = client.sf.getUpdateService() f = omero.model.OriginalFileI() f.name = omero.rtypes.rstring(fname) f.path = omero.rtypes.rstring("") f = update.saveAndReturnObject(f) fa = omero.model.FileAnnotationI() fa.setFile(f) fa = update.saveAndReturnObject(fa) # get form for annotating both Projects request_url = reverse('annotate_file') data = {"project": pr_ids} rsp = get(django_client1, request_url, data) html = rsp.content.decode('utf-8') assert fname in html # Link File Annotation to 1 or 2 Projects post_data = {"project": pr_ids[0:link_count], "files": [fa.id.val]} post(django_client1, request_url, post_data) # Check for link to first Project api_ann_url = reverse('api_annotations') rsp = get_json(django_client1, api_ann_url, {"project": pr1.id.val}) assert fa.id.val in [a['id'] for a in rsp['annotations']] # Annotation Form should NOT show file if linked to BOTH projects show_file = link_count == 1 rsp = get(django_client1, request_url, data) html = rsp.content.decode('utf-8') assert (fname in html) == show_file # Remove file from both Projects remove_url = reverse('manage_action_containers', kwargs={ 'action': 'remove', 'o_type': 'file', 'o_id': fa.id.val }) remove_data = { 'parent': 'project-%s|project-%s' % (pr1.id.val, pr2.id.val) } post(django_client1, remove_url, remove_data) # Check for NO link rsp = get_json(django_client1, api_ann_url, {"project": pr1.id.val}) assert fa.id.val not in [a['id'] for a in rsp['annotations']]
def test_add_and_remove_comment(self): request_url = reverse('annotate_comment') data = { 'comment': 'foobar', 'image': self.image_with_channels().id.val } post(self.django_client, request_url, data)
def test_apply_owners_rendering_settings(self): img = self.create_test_image(session=self.sf) request_url = reverse('reset_owners_rdef_json') data = {'toids': img.id.val, 'to_type': 'image'} post(self.django_client, request_url, data)
def test_edit_group(self): group = self.new_group(perms="rw----") request_url = reverse('wamanagegroupid', args=["save", group.id.val]) data = { "name": group.name.val, "description": "description", "permissions": 0 } post(self.django_root_client, request_url, data, status_code=302)
def test_add_edit_and_remove_tag(self): # Add tag img = self.make_image() tag = self.new_tag() request_url = reverse('annotate_tags') data = { 'image': img.id.val, 'filter_mode': 'any', 'filter_owner_mode': 'all', 'index': 0, 'newtags-0-description': '', 'newtags-0-tag': 'foobar', 'newtags-0-tagset': '', 'newtags-INITIAL_FORMS': 0, 'newtags-MAX_NUM_FORMS': 1000, 'newtags-TOTAL_FORMS': 1, 'tags': tag.id.val } rsp = post(self.django_client, request_url, data) rspJson = json.loads(rsp.content) assert len(rspJson['new']) == 1 newTagId = rspJson['new'][0] assert rspJson['added'] == [tag.id.val] # Check that image is tagged with both tags request_url = reverse("api_annotations") data = {'image': img.id.val, 'type': 'tag'} data = get_json(self.django_client, request_url, data) assert len(data['annotations']) == 2 # Remove tag request_url = reverse("manage_action_containers", args=["remove", "tag", tag.id.val]) data = {'index': 0, 'parent': "image-%i" % img.id.val} post(self.django_client, request_url, data) # Check that tag is removed request_url = reverse("api_annotations") data = {'image': img.id.val, 'type': 'tag'} data = get_json(self.django_client, request_url, data) assert len(data['annotations']) == 1 # Delete other tag request_url = reverse("manage_action_containers", args=["delete", "tag", newTagId]) post(self.django_client, request_url, {}) # Check that tag is deleted from image request_url = reverse("api_annotations") data = {'image': img.id.val, 'type': 'tag'} completed = False # Async delete - Keep checking until done for t in range(20): rsp = get_json(self.django_client, request_url, data) if len(rsp['annotations']) == 0: completed = True break sleep(0.1) assert completed
def test_myaccount(self): request_url = reverse('wamyaccount', args=["save"]) data = { "omename": self.user.omeName.val, "first_name": self.user.omeName.val, "last_name": self.user.lastName.val, "institution": "foo bar", "default_group": self.group.id.val } post(self.django_client, request_url, data, status_code=302)
def test_edit_channel_names(self): """ CSRF protection does not check `GET` requests so we need to be sure that this request results in an HTTP 405 (method not allowed) status code. """ img = self.image_with_channels() data = {'channel0': 'foobar'} request_url = reverse('edit_channel_names', args=[img.id.val]) get(self.django_client, request_url, data, status_code=405, csrf=True) post(self.django_client, request_url, data)
def test_move_data(self): group_id = self.new_group(experimenters=[self.user]).id.val request_url = reverse('chgrp') data = { 'image': self.image_with_channels().id.val, 'group_id': group_id } post(self.django_root_client, request_url, data)
def test_save_experimenter(self): """Test edit of User""" # Create User in 2 groups uuid = self.uuid() groupid = self.new_group().id.val groupid2 = self.new_group().id.val groupid3 = self.new_group().id.val request_url = reverse('wamanageexperimenterid', args=["create"]) data = { "omename": uuid, "first_name": uuid, "last_name": uuid, "active": "on", "default_group": groupid, "other_groups": [groupid, groupid2], "password": uuid, "confirmation": uuid, "role": "user", } post(self.django_root_client, request_url, data, status_code=302) # Check that user was created in groups admin = self.root.sf.getAdminService() exp = admin.lookupExperimenter(uuid) exp_id = exp.id.val exp_gids = [m.parent.id.val for m in exp.copyGroupExperimenterMap()] # first group is default group assert exp_gids[0] == groupid assert groupid2 in exp_gids # Edit names, change default group, add group, remove group new_name = "new_name_%s" % uuid new_lastname = "new_lastname_%s" % uuid request_url = reverse('wamanageexperimenterid', args=["save", exp_id]) data = { "omename": uuid, "first_name": new_name, "last_name": new_lastname, "active": "on", "default_group": groupid2, "other_groups": [groupid2, groupid3], "role": "user", } post(self.django_root_client, request_url, data, status_code=302) # Check exp = admin.lookupExperimenter(uuid) assert exp.firstName.val == new_name assert exp.lastName.val == new_lastname exp_id = exp.id.val exp_gids = [m.parent.id.val for m in exp.copyGroupExperimenterMap()] # first group is default group assert exp_gids[0] == groupid2 assert groupid not in exp_gids assert groupid3 in exp_gids
def test_edit_user(self): user = self.new_user() request_url = reverse('wamanageexperimenterid', args=["save", user.id.val]) data = { "omename": user.omeName.val, "first_name": user.firstName.val, "last_name": user.lastName.val, "default_group": user.copyGroupExperimenterMap()[0].parent.id.val, "other_groups": user.copyGroupExperimenterMap()[0].parent.id.val, } post(self.django_root_client, request_url, data, status_code=302)
def test_change_password(self): user = self.new_user() request_url = reverse('wamanagechangepasswordid', args=[user.id.val]) data = { "old_password": self.root.ic.getProperties().getProperty('omero.rootpass'), "password": "******", "confirmation": "new" } post(self.django_root_client, request_url, data)
def test_ome_tiff_script(self): """ CSRF protection does not check `GET` requests so we need to be sure that this request results in an HTTP 405 (method not allowed) status code. """ img = self.create_test_image(session=self.sf) request_url = reverse('ome_tiff_script', args=[img.id.val]) post(self.django_client, request_url, {}) get(self.django_client, request_url, status_code=405)
def test_create_share(self): img = self.make_image() request_url = reverse("manage_action_containers", args=["add", "share"]) data = { 'enable': 'on', 'image': img.id.val, 'members': self.user.id.val, 'message': 'foobar' } post(self.django_client, request_url, data)
def test_su(self): """ CSRF protection does not check `GET` requests so we need to be sure that this request results in an HTTP 405 (method not allowed) status code. """ user = self.new_user() request_url = reverse('webgateway_su', args=[user.omeName.val]) get(self.django_root_client, request_url, {}, csrf=True) post(self.django_root_client, request_url)
def test_edit_group_by_owner(self): self.add_groups(experimenter=self.user, groups=[self.group], owner=True) request_url = reverse('wamanagegroupownerid', args=["save", self.group.id.val]) data = { "members": self.user.id.val, "owners": self.user.id.val, "permissions": 0 } post(self.django_client, request_url, data, status_code=302)
def test_create_user(self): uuid = self.uuid() groupid = self.new_group().id.val request_url = reverse('wamanageexperimenterid', args=["create"]) data = { "omename": uuid, "first_name": uuid, "last_name": uuid, "active": "on", "default_group": groupid, "other_groups": groupid, "password": uuid, "confirmation": uuid, "role": "user", } post(self.django_root_client, request_url, data, status_code=302)
def test_login_view(self): """ Test that a successful logout redirects to custom login view """ django_client = self.django_root_client request_url = reverse('test_weblogin') data = { 'server': 1, 'username': self.ctx.userName, 'password': self.ctx.userName, } rsp = post(django_client, request_url, data, status_code=302) request_url = reverse('weblogout') rsp = post(django_client, request_url, {}, status_code=302) assert rsp['Location'].endswith(reverse('test_weblogin')) assert not rsp['Location'].endswith(reverse('weblogin'))
def test_add_remove_tags(self): # Test performance with lots of tags. # See https://github.com/openmicroscopy/openmicroscopy/pull/4842 img_count = 200 tag_count = 10 iids = [self.make_image().id.val for i in range(img_count)] tagIds = [str(self.new_tag().id.val) for i in range(tag_count)] tagIds = ",".join(tagIds) request_url = reverse('annotate_tags') data = { 'image': iids, 'filter_mode': 'any', 'filter_owner_mode': 'all', 'index': 0, 'newtags-INITIAL_FORMS': 0, 'newtags-MAX_NUM_FORMS': 1000, 'newtags-TOTAL_FORMS': 0, 'tags': tagIds } rsp = post(self.django_client, request_url, data) rspJson = json.loads(rsp.content) assert len(rspJson['added']) == tag_count # Check that tags are added to all images anns_url = reverse("api_annotations") query_string = '&'.join(['image=%s' % i for i in iids]) query_string += '&type=tag' query_string += '&page=0' # disable pagination rsp = self.django_client.get('%s?%s' % (anns_url, query_string)) rspJson = json.loads(rsp.content) assert len(rspJson['annotations']) == img_count * tag_count # Remove tags data = { 'image': iids, 'filter_mode': 'any', 'filter_owner_mode': 'all', 'index': 0, 'newtags-INITIAL_FORMS': 0, 'newtags-MAX_NUM_FORMS': 1000, 'newtags-TOTAL_FORMS': 0, 'tags': '' } post(self.django_client, request_url, data) # Check tags removed rsp = self.django_client.get('%s?%s' % (anns_url, query_string)) rspJson = json.loads(rsp.content) assert len(rspJson['annotations']) == 0
def test_reset_rendering_settings(self): """ CSRF protection does not check `GET` requests so we need to be sure that this request results in an HTTP 405 (method not allowed) status code. """ img = self.create_test_image(session=self.sf) # Reset through webclient as it is calling directly # webgateway.reset_image_rdef_json request_url = reverse('reset_rdef_json') data = {'toids': img.id.val, 'to_type': 'image'} post(self.django_client, request_url, data) get(self.django_client, request_url, data, status_code=405) get(self.django_client, request_url, data, status_code=405, csrf=True)
def test_copy_past_rendering_settings_from_image(self): # Create 2 images with 2 channels each iid1 = self.create_test_image(size_c=2, session=self.sf).id.val iid2 = self.create_test_image(size_c=2, session=self.sf).id.val conn = omero.gateway.BlitzGateway(client_obj=self.client) # image1 set color model image1 = conn.getObject("Image", iid1) image1.resetDefaults() image1.setColorRenderingModel() image1.setQuantizationMap(0, "logarithmic", 0.5) image1.saveDefaults() image1 = conn.getObject("Image", iid1) # image2 set greyscale model image2 = conn.getObject("Image", iid2) image2.setGreyscaleRenderingModel() image2.saveDefaults() image2 = conn.getObject("Image", iid2) assert image1.isGreyscaleRenderingModel() is False assert image2.isGreyscaleRenderingModel() is True img1_chan = image1.getChannels()[0] assert img1_chan.getFamily().getValue() == 'logarithmic' assert img1_chan.getCoefficient() == 0.5 img2_chan = image2.getChannels()[0] assert img2_chan.getFamily().getValue() == 'linear' assert img2_chan.getCoefficient() == 1.0 # copy rendering settings from image1 via ID request_url = reverse('copy_image_rdef_json') data = {"fromid": iid1} get(self.django_client, request_url, data) # paste rendering settings to image2 data = {'toids': iid2} post(self.django_client, request_url, data) image2 = conn.getObject("Image", iid2) assert image2.isGreyscaleRenderingModel() is False img2_chan = image2.getChannels()[0] assert img2_chan.getFamily().getValue() == 'logarithmic' assert img2_chan.getCoefficient() == 0.5
def test_add_and_rename_container(self): # Add project request_url = reverse("manage_action_containers", args=["addnewcontainer"]) data = {'folder_type': 'project', 'name': 'foobar'} response = post(self.django_client, request_url, data) pid = json.loads(response.content).get("id") # Add dataset to the project request_url = reverse("manage_action_containers", args=["addnewcontainer", "project", pid]) data = {'folder_type': 'dataset', 'name': 'foobar'} post(self.django_client, request_url, data) # Rename project request_url = reverse("manage_action_containers", args=["savename", "project", pid]) data = {'name': 'anotherfoobar'} post(self.django_client, request_url, data) # Change project description request_url = reverse("manage_action_containers", args=["savedescription", "project", pid]) data = {'description': 'anotherfoobar'} post(self.django_client, request_url, data)
def test_required_fields(self, required_field): """Test form validation with required fields missing.""" uuid = self.uuid() request_url = reverse('wamanagegroupid', args=["create"]) data = {"name": uuid, "permissions": "0"} field, error = required_field del data[field] rsp = post(self.django_root_client, request_url, data) assert error in rsp.content
def test_restricted_admin_create_edit_user(self): """Test create & edit user doesn't allow privilege escalation.""" exp = self.new_user(privileges=[ 'Chown', 'ModifyGroup', 'ModifyUser', 'ModifyGroupMembership' ]) ome_name = exp.omeName.val django_client = self.new_django_client(ome_name, ome_name) uuid = self.uuid() groupid = self.new_group().id.val request_url = reverse('wamanageexperimenterid', args=["create"]) data = { "omename": uuid, "first_name": uuid, "last_name": uuid, "active": "on", "default_group": groupid, "other_groups": groupid, "password": uuid, "confirmation": uuid, "role": "restricted_administrator", "Sudo": 'on', # Sudo and Chgrp should be ignored (escalation) "Chgrp": 'on', "ModifyGroup": 'on', # Should be applied } post(django_client, request_url, data, status_code=302) # Check that user was created admin = self.client.sf.getAdminService() exp = admin.lookupExperimenter(uuid) # Check Privileges privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)] assert privileges == ['ModifyGroup'] # Edit user request_url = reverse('wamanageexperimenterid', args=["save", exp.id.val]) # Add & remove privileges data['Chown'] = 'on' del data['ModifyGroup'] post(django_client, request_url, data, status_code=302) privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)] assert privileges == ['Chown']
def annotate_tags_dataset(django_client, dsId, tagIds): """ Links the specified dataset and tags """ # 'newtags-0-description': '', # 'newtags-0-tag': 'foobar', # 'newtags-0-tagset': '', request_url = reverse('annotate_tags') data = { 'dataset': dsId, 'filter_mode': 'any', 'filter_owner_mode': 'all', 'index': 0, 'newtags-INITIAL_FORMS': 0, 'newtags-MAX_NUM_FORMS': 1000, 'newtags-TOTAL_FORMS': 0, 'tags': ",".join([str(i) for i in tagIds]) } post(django_client, request_url, data)