def test_project_share_remove_user(self):
self._project_create()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
view = ProjectViewSet.as_view({
'post': 'share'
})
projectid = self.project.pk
role_class = ReadOnlyRole
data = {'username': '******', 'role': role_class.name}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(role_class.user_has_role(alice_profile.user,
self.project))
view = ProjectViewSet.as_view({
'post': 'share'
})
data['remove'] = True
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertFalse(role_class.user_has_role(alice_profile.user,
self.project))
def test_owner_cannot_remove_self_if_no_other_owner(self):
self._project_create()
view = ProjectViewSet.as_view({'put': 'share'})
data = {'username': '******', 'remove': True, 'role': 'owner'}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 400)
error = {'remove': [u"Project requires at least one owner"]}
self.assertEquals(response.data, error)
self.assertTrue(OwnerRole.user_has_role(self.user, self.project))
alice_data = {'username': '******', 'email': '*****@*****.**'}
profile = self._create_user_profile(alice_data)
OwnerRole.add(profile.user, self.project)
view = ProjectViewSet.as_view({'put': 'share'})
data = {'username': '******', 'remove': True, 'role': 'owner'}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 204)
self.assertFalse(OwnerRole.user_has_role(self.user, self.project))
def test_project_share_remove_user(self):
self._project_create()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
view = ProjectViewSet.as_view({
'post': 'share'
})
projectid = self.project.pk
role_class = ReadOnlyRole
data = {'username': '******', 'role': role_class.name}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(role_class.user_has_role(alice_profile.user,
self.project))
view = ProjectViewSet.as_view({
'post': 'share'
})
data['remove'] = True
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertFalse(role_class.user_has_role(alice_profile.user,
self.project))
def test_data_in_public_project(self):
self._make_submissions()
view = DataViewSet.as_view({'get': 'list'})
request = self.factory.get('/', **self.extra)
formid = self.xform.pk
response = view(request, pk=formid)
self.assertEquals(response.status_code, 200)
self.assertEqual(len(response.data), 4)
# get project id
projectid = self.xform.project.pk
view = ProjectViewSet.as_view({'put': 'update'})
data = {
'shared': True,
'name': 'test project',
'owner': 'http://testserver/api/v1/users/%s' % self.user.username
}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 200)
# anonymous user
view = DataViewSet.as_view({'get': 'list'})
request = self.factory.get('/')
formid = self.xform.pk
response = view(request, pk=formid)
self.assertEquals(response.status_code, 200)
self.assertEqual(len(response.data), 4)
def _publish_xls_form_to_project(self):
self._project_create()
view = ProjectViewSet.as_view({
'post': 'forms'
})
project_id = self.project.pk
data = {
'owner': 'http://testserver/api/v1/users/bob',
'public': False,
'public_data': False,
'description': u'',
'downloadable': True,
'is_crowd_form': False,
'allows_sms': False,
'encrypted': False,
'sms_id_string': u'transportation_2011_07_25',
'id_string': u'transportation_2011_07_25',
'title': u'transportation_2011_07_25',
'bamboo_dataset': u''
}
path = os.path.join(
settings.PROJECT_ROOT, "apps", "main", "tests", "fixtures",
"transportation", "transportation.xls")
with open(path) as xls_file:
post_data = {'xls_file': xls_file}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, owner='bob', pk=project_id)
self.assertEqual(response.status_code, 201)
self.xform = self.user.xforms.all()[0]
data.update({
'url':
'http://testserver/api/v1/forms/bob/%s' % self.xform.pk
})
self.assertDictContainsSubset(data, response.data)
self.form_data = response.data
def test_projects_get(self):
self._project_create()
view = ProjectViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, self.project_data)
def test_view_xls_form(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({'get': 'forms'})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [self.form_data])
def test_project_share_endpoint(self):
self._project_create()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
view = ProjectViewSet.as_view({
'post': 'share'
})
projectid = self.project.pk
ROLES = [ReadOnlyRole,
DataEntryRole,
EditorRole,
ManagerRole,
OwnerRole]
for role_class in ROLES:
self.assertFalse(role_class.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': role_class.name}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(role_class.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': ''}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 400)
def test_forms_endpoint_with_metadata(self):
date_modified = self.xform.date_modified
for data_type in ['supporting_doc', 'media', 'source']:
self._add_form_metadata(self.xform, data_type,
self.data_value, self.path)
self.xform.refresh_from_db()
self.assertNotEqual(date_modified, self.xform.date_modified)
# /forms
view = XFormViewSet.as_view({
'get': 'retrieve'
})
formid = self.xform.pk
request = self.factory.get('/', **self.extra)
response = view(request, pk=formid)
self.assertEqual(response.status_code, 200)
data = XFormSerializer(self.xform, context={'request': request}).data
self.assertEqual(response.data, data)
# /projects/[pk]/forms
view = ProjectViewSet.as_view({
'get': 'forms'
})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [data])
def test_project_get_starred_by(self):
self._project_create()
# add star as bob
view = ProjectViewSet.as_view({'get': 'star', 'post': 'star'})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# ensure email not shared
user_profile_data = self.user_profile_data()
del user_profile_data['email']
alice_data = {'username': '******', 'email': '*****@*****.**'}
self._login_user_and_profile(alice_data)
# add star as alice
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# get star users as alice
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 2)
alice_profile, bob_profile = sorted(response.data,
key=itemgetter('username'))
self.assertEquals(sorted(bob_profile.items()),
sorted(user_profile_data.items()))
self.assertEqual(alice_profile['username'], 'alice')
def test_move_project_owner(self):
# create project and publish form to project
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
alice = alice_profile.user
projectid = self.project.pk
self.assertFalse(OwnerRole.user_has_role(alice, self.project))
view = ProjectViewSet.as_view({
'patch': 'partial_update'
})
data_patch = {
'owner': 'http://testserver/api/v1/users/%s' % alice.username
}
request = self.factory.patch('/', data=data_patch, **self.extra)
response = view(request, pk=projectid)
self.project.reload()
self.assertEqual(response.status_code, 200)
self.assertEquals(self.project.organization, alice)
self.assertTrue(OwnerRole.user_has_role(alice, self.project))
def test_get_starred_projects(self):
self._project_create()
# add star as bob
view = ProjectViewSet.as_view({
'get': 'star',
'post': 'star'
})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# get starred projects
view = ConnectViewSet.as_view({
'get': 'starred',
})
request = self.factory.get('/', **self.extra)
response = view(request, user=self.user)
self.assertEqual(response.status_code, 200)
self.project.refresh_from_db()
request.user = self.user
self.project_data = ProjectSerializer(
self.project, context={'request': request}).data
del self.project_data['date_modified']
del response.data[0]['date_modified']
self.assertEqual(len(response.data), 1)
self.assertDictEqual(dict(response.data[0]), dict(self.project_data))
def test_data_in_public_project(self):
self._make_submissions()
view = DataViewSet.as_view({'get': 'list'})
request = self.factory.get('/', **self.extra)
formid = self.xform.pk
response = view(request, pk=formid)
self.assertEquals(response.status_code, 200)
self.assertEqual(len(response.data), 4)
# get project id
projectid = self.xform.project.pk
view = ProjectViewSet.as_view({
'put': 'update'
})
data = {'shared': True,
'name': 'test project',
'owner': 'http://testserver/api/v1/users/%s'
% self.user.username}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 200)
# anonymous user
view = DataViewSet.as_view({'get': 'list'})
request = self.factory.get('/')
formid = self.xform.pk
response = view(request, pk=formid)
self.assertEquals(response.status_code, 200)
self.assertEqual(len(response.data), 4)
def test_form_inherits_permision_from_project(self):
self._publish_xls_form_to_project()
self._make_submissions()
project_view = ProjectViewSet.as_view({'get': 'retrieve'})
xform_view = XFormViewSet.as_view({'get': 'retrieve'})
data_view = DataViewSet.as_view({'get': 'list'})
alice_data = {'username': '******', 'email': '*****@*****.**'}
self._login_user_and_profile(extra_post_data=alice_data)
formid = self.xform.pk
project_id = self.project.pk
request = self.factory.get('/', **self.extra)
response = xform_view(request, pk=formid)
self.assertEqual(response.status_code, 404)
response = data_view(request, pk=formid)
self.assertEqual(response.status_code, 404)
# Give owner role to the project
role.OwnerRole.add(self.user, self.project)
response = project_view(request, pk=project_id)
self.assertEqual(response.status_code, 200)
response = xform_view(request, pk=formid)
self.assertEqual(response.status_code, 200)
response = data_view(request, pk=formid)
self.assertEqual(response.status_code, 200)
def _project_create(self, project_data={}, merge=True):
view = ProjectViewSet.as_view({
'post': 'create'
})
if merge:
data = {
'name': u'demo',
'owner':
'http://testserver/api/v1/users/%s' % self.user.username,
'metadata': {'description': 'Some description',
'location': 'Naivasha, Kenya',
'category': 'governance'},
'public': False
}
data.update(project_data)
else:
data = project_data
request = self.factory.post(
'/', data=json.dumps(data),
content_type="application/json", **self.extra)
response = view(request, owner=self.user.username)
self.assertEqual(response.status_code, 201)
self.project = Project.objects.filter(
name=data['name'], created_by=self.user)[0]
data['url'] = 'http://testserver/api/v1/projects/%s'\
% self.project.pk
self.assertDictContainsSubset(data, response.data)
self.project_data = ProjectSerializer(
self.project, context={'request': request}).data
def test_forms_endpoint_with_metadata(self):
date_modified = self.xform.date_modified
for data_type in ['supporting_doc', 'media', 'source']:
self._add_form_metadata(self.xform, data_type,
self.data_value, self.path)
self.xform.reload()
self.assertNotEqual(date_modified, self.xform.date_modified)
# /forms
view = XFormViewSet.as_view({
'get': 'retrieve'
})
formid = self.xform.pk
request = self.factory.get('/', **self.extra)
response = view(request, pk=formid)
self.assertEqual(response.status_code, 200)
data = XFormSerializer(self.xform, context={'request': request}).data
self.assertEqual(response.data, data)
# /projects/[pk]/forms
view = ProjectViewSet.as_view({
'get': 'forms'
})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [data])
def test_project_get_starred_by(self):
self._project_create()
# add star as bob
view = ProjectViewSet.as_view({
'get': 'star',
'post': 'star'
})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# ensure email not shared
user_profile_data = self.user_profile_data()
del user_profile_data['email']
alice_data = {'username': '******', 'email': '*****@*****.**'}
self._login_user_and_profile(alice_data)
# add star as alice
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# get star users as alice
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 2)
alice_profile, bob_profile = sorted(response.data,
key=itemgetter('username'))
self.assertEquals(sorted(bob_profile.items()),
sorted(user_profile_data.items()))
self.assertEqual(alice_profile['username'], 'alice')
def test_publish_xlsform_using_url_upload(self, mock_urlopen):
with HTTMock(enketo_mock):
self._project_create()
view = ProjectViewSet.as_view({
'post': 'forms'
})
pre_count = XForm.objects.count()
project_id = self.project.pk
xls_url = 'https://ona.io/examples/forms/tutorial/form.xlsx'
path = os.path.join(
settings.PROJECT_ROOT, "apps", "main", "tests", "fixtures",
"transportation", "transportation_different_id_string.xlsx")
xls_file = open(path)
mock_urlopen.return_value = xls_file
post_data = {'xls_url': xls_url}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, pk=project_id)
mock_urlopen.assert_called_with(xls_url)
xls_file.close()
self.assertEqual(response.status_code, 201)
self.assertEqual(XForm.objects.count(), pre_count + 1)
def test_assign_form_to_project(self):
view = ProjectViewSet.as_view({
'post': 'forms',
'get': 'retrieve'
})
self._publish_xls_form_to_project()
formid = self.xform.pk
old_project = self.project
project_name = u'another project'
self._project_create({'name': project_name})
self.assertTrue(self.project.name == project_name)
project_id = self.project.pk
post_data = {'formid': formid}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.assertTrue(self.project.projectxform_set.filter(xform=self.xform))
self.assertFalse(old_project.projectxform_set.filter(xform=self.xform))
# check if form added appears in the project details
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertIn('forms', response.data.keys())
self.assertEqual(len(response.data['forms']), 1)
def test_project_all_users_can_share_remove_themselves(self):
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
self._login_user_and_profile(alice_data)
view = ProjectViewSet.as_view({
'put': 'share'
})
data = {'username': '******', 'remove': True}
for role_name, role_class in role.ROLES.iteritems():
ShareProject(self.project, 'alice', role_name).save()
self.assertTrue(role_class.user_has_role(self.user,
self.project))
self.assertTrue(role_class.user_has_role(self.user,
self.xform))
data['role'] = role_name
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 204)
self.assertFalse(role_class.user_has_role(self.user,
self.project))
self.assertFalse(role_class.user_has_role(self.user,
self.xform))
def test_project_manager_can_assign_form_to_project_no_perm(self):
# user must have owner/manager permissions
view = ProjectViewSet.as_view({
'post': 'forms',
'get': 'retrieve'
})
self._publish_xls_form_to_project()
# alice user is not manager to both projects
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
self.assertFalse(ManagerRole.user_has_role(alice_profile.user,
self.project))
formid = self.xform.pk
project_name = u'another project'
self._project_create({'name': project_name})
self.assertTrue(self.project.name == project_name)
ManagerRole.add(alice_profile.user, self.project)
self.assertTrue(ManagerRole.user_has_role(alice_profile.user,
self.project))
self._login_user_and_profile(alice_data)
project_id = self.project.pk
post_data = {'formid': formid}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 403)
def test_assign_form_to_project(self):
view = ProjectViewSet.as_view({
'post': 'forms',
'get': 'retrieve'
})
self._publish_xls_form_to_project()
formid = self.xform.pk
old_project = self.project
project_name = u'another project'
self._project_create({'name': project_name})
self.assertTrue(self.project.name == project_name)
project_id = self.project.pk
post_data = {'formid': formid}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.assertTrue(self.project.projectxform_set.filter(xform=self.xform))
self.assertFalse(old_project.projectxform_set.filter(xform=self.xform))
# check if form added appears in the project details
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertIn('forms', response.data.keys())
self.assertEqual(len(response.data['forms']), 1)
def test_project_share_inactive_user(self):
# create project and publish form to project
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
# set the user inactive
self.assertTrue(alice_profile.user.is_active)
alice_profile.user.is_active = False
alice_profile.user.save()
projectid = self.project.pk
self.assertFalse(ReadOnlyRole.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': ReadOnlyRole.name}
request = self.factory.put('/', data=data, **self.extra)
view = ProjectViewSet.as_view({
'put': 'share'
})
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.data, {'username': [u'User is not active']})
self.assertFalse(ReadOnlyRole.user_has_role(alice_profile.user,
self.project))
self.assertFalse(ReadOnlyRole.user_has_role(alice_profile.user,
self.xform))
def test_project_share_readonly(self):
# create project and publish form to project
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
projectid = self.project.pk
self.assertFalse(ReadOnlyRole.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': ReadOnlyRole.name}
request = self.factory.put('/', data=data, **self.extra)
view = ProjectViewSet.as_view({
'put': 'share'
})
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(ReadOnlyRole.user_has_role(alice_profile.user,
self.project))
self.assertTrue(ReadOnlyRole.user_has_role(alice_profile.user,
self.xform))
perms = role.get_object_users_with_permissions(self.project)
for p in perms:
user = p.get('user')
if user == alice_profile.user:
r = p.get('role')
self.assertEquals(r, ReadOnlyRole.name)
def test_get_starred_projects(self):
self._project_create()
# add star as bob
view = ProjectViewSet.as_view({
'get': 'star',
'post': 'star'
})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
# get starred projects
view = ConnectViewSet.as_view({
'get': 'starred',
})
request = self.factory.get('/', **self.extra)
response = view(request, user=self.user)
self.assertEqual(response.status_code, 200)
self.project.refresh_from_db()
request.user = self.user
self.project_data = ProjectSerializer(
self.project, context={'request': request}).data
del self.project_data['date_modified']
del response.data[0]['date_modified']
self.assertEqual(len(response.data), 1)
self.assertDictEqual(dict(response.data[0]), dict(self.project_data))
def _project_create(self, project_data={}, merge=True):
view = ProjectViewSet.as_view({
'post': 'create'
})
if merge:
data = {
'name': u'demo',
'owner':
'http://testserver/api/v1/users/%s' % self.user.username,
'metadata': {'description': 'Some description',
'location': 'Naivasha, Kenya',
'category': 'governance'},
'public': False
}
data.update(project_data)
else:
data = project_data
request = self.factory.post(
'/', data=json.dumps(data),
content_type="application/json", **self.extra)
response = view(request, owner=self.user.username)
self.assertEqual(response.status_code, 201)
self.project = Project.objects.filter(
name=data['name'], created_by=self.user)[0]
data['url'] = 'http://testserver/api/v1/projects/%s'\
% self.project.pk
self.assertDictContainsSubset(data, response.data)
request.user = self.user
self.project_data = ProjectSerializer(
self.project, context={'request': request}).data
def test_projects_tags(self):
self._project_create()
view = ProjectViewSet.as_view({
'get': 'labels',
'post': 'labels',
'delete': 'labels'
})
list_view = ProjectViewSet.as_view({
'get': 'list',
})
project_id = self.project.pk
# no tags
request = self.factory.get('/', **self.extra)
response = view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.data, [])
# add tag "hello"
request = self.factory.post('/', data={"tags": "hello"}, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.assertEqual(response.data, [u'hello'])
# check filter by tag
request = self.factory.get('/', data={"tags": "hello"}, **self.extra)
request.user = self.user
self.project_data = ProjectSerializer(self.project,
context={
'request': request
}).data
response = list_view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [self.project_data])
request = self.factory.get('/', data={"tags": "goodbye"}, **self.extra)
response = list_view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [])
# remove tag "hello"
request = self.factory.delete('/', **self.extra)
response = view(request, pk=project_id, label='hello')
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [])
def _publish_xls_form_to_project(self,
publish_data={},
merge=True,
public=False):
if not hasattr(self, 'project'):
self._project_create()
elif self.project.created_by != self.user:
self._project_create()
view = ProjectViewSet.as_view({'post': 'forms'})
project_id = self.project.pk
if merge:
data = {
'owner':
'http://testserver/api/v1/users/%s' %
self.project.organization.username,
'public':
False,
'public_data':
False,
'description':
u'transportation_2011_07_25',
'downloadable':
True,
'allows_sms':
False,
'encrypted':
False,
'sms_id_string':
u'transportation_2011_07_25',
'id_string':
u'transportation_2011_07_25',
'title':
u'transportation_2011_07_25',
'bamboo_dataset':
u''
}
data.update(publish_data)
else:
data = publish_data
path = os.path.join(settings.PROJECT_ROOT, "apps", "main", "tests",
"fixtures", "transportation", "transportation.xls")
with open(path) as xls_file:
post_data = {'xls_file': xls_file}
request = self.factory.post('/', data=post_data, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.xform = XForm.objects.all().order_by('pk').reverse()[0]
data.update(
{'url': 'http://testserver/api/v1/forms/%s' % (self.xform.pk)})
# Input was a private so change to public if project public
if public:
data['public_data'] = data['public'] = True
self.assertDictContainsSubset(data, response.data)
self.form_data = response.data
def test_org_members_added_to_projects(self):
# create org
self._org_create()
view = OrganizationProfileViewSet.as_view({
'post': 'members',
'get': 'retrieve',
'put': 'members'
})
# create aboy
self.profile_data['username'] = "******"
aboy = self._create_user_profile().user
data = {'username': '******',
'role': 'owner'}
request = self.factory.post(
'/', data=json.dumps(data),
content_type="application/json", **self.extra)
response = view(request, user='******')
self.assertEqual(response.status_code, 201)
# create a proj
project_data = {
'owner': self.company_data['user']
}
self._project_create(project_data)
self._publish_xls_form_to_project()
# create alice
self.profile_data['username'] = "******"
alice = self._create_user_profile().user
alice_data = {'username': '******',
'role': 'owner'}
request = self.factory.post(
'/', data=json.dumps(alice_data),
content_type="application/json", **self.extra)
response = view(request, user='******')
self.assertEqual(response.status_code, 201)
# Assert that user added in org is added to teams in proj
self.assertTrue(OwnerRole.user_has_role(aboy, self.project))
self.assertTrue(OwnerRole.user_has_role(alice, self.project))
self.assertTrue(OwnerRole.user_has_role(aboy, self.xform))
self.assertTrue(OwnerRole.user_has_role(alice, self.xform))
# Org admins are added to owners in project
projectView = ProjectViewSet.as_view({
'get': 'retrieve'
})
request = self.factory.get('/', **self.extra)
response = projectView(request, pk=self.project.pk)
project_users = response.data.get('users')
users_in_users = [user['user'] for user in project_users]
self.assertIn('bob', users_in_users)
self.assertIn('denoinc', users_in_users)
self.assertIn('aboy', users_in_users)
self.assertIn('alice', users_in_users)
def test_org_members_added_to_projects(self):
# create org
self._org_create()
view = OrganizationProfileViewSet.as_view({
'post': 'members',
'get': 'retrieve',
'put': 'members'
})
# create aboy
self.profile_data['username'] = "******"
aboy = self._create_user_profile().user
data = {'username': '******',
'role': 'owner'}
request = self.factory.post(
'/', data=json.dumps(data),
content_type="application/json", **self.extra)
response = view(request, user='******')
self.assertEqual(response.status_code, 201)
# create a proj
project_data = {
'owner': self.company_data['user']
}
self._project_create(project_data)
self._publish_xls_form_to_project()
# create alice
self.profile_data['username'] = "******"
alice = self._create_user_profile().user
alice_data = {'username': '******',
'role': 'owner'}
request = self.factory.post(
'/', data=json.dumps(alice_data),
content_type="application/json", **self.extra)
response = view(request, user='******')
self.assertEqual(response.status_code, 201)
# Assert that user added in org is added to teams in proj
self.assertTrue(OwnerRole.user_has_role(aboy, self.project))
self.assertTrue(OwnerRole.user_has_role(alice, self.project))
self.assertTrue(OwnerRole.user_has_role(aboy, self.xform))
self.assertTrue(OwnerRole.user_has_role(alice, self.xform))
# Org admins are added to owners in project
projectView = ProjectViewSet.as_view({
'get': 'retrieve'
})
request = self.factory.get('/', **self.extra)
response = projectView(request, pk=self.project.pk)
project_users = response.data.get('users')
users_in_users = [user['user'] for user in project_users]
self.assertIn('bob', users_in_users)
self.assertIn('denoinc', users_in_users)
self.assertIn('aboy', users_in_users)
self.assertIn('alice', users_in_users)
def test_projects_tags(self):
self._project_create()
view = ProjectViewSet.as_view({
'get': 'labels',
'post': 'labels',
'delete': 'labels'
})
list_view = ProjectViewSet.as_view({
'get': 'list',
})
project_id = self.project.pk
# no tags
request = self.factory.get('/', **self.extra)
response = view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.data, [])
# add tag "hello"
request = self.factory.post('/', data={"tags": "hello"}, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.assertEqual(response.data, [u'hello'])
# check filter by tag
request = self.factory.get('/', data={"tags": "hello"}, **self.extra)
request.user = self.user
self.project_data = ProjectSerializer(
self.project, context={'request': request}).data
response = list_view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [self.project_data])
request = self.factory.get('/', data={"tags": "goodbye"}, **self.extra)
response = list_view(request, pk=project_id)
self.assertNotEqual(response.get('Last-Modified'), None)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [])
# remove tag "hello"
request = self.factory.delete('/', **self.extra)
response = view(request, pk=project_id, label='hello')
self.assertEqual(response.status_code, 200)
self.assertEqual(response.get('Last-Modified'), None)
self.assertEqual(response.data, [])
def test_projects_get(self):
self._project_create()
view = ProjectViewSet.as_view({
'get': 'retrieve'
})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, self.project_data)
def test_view_xls_form(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({
'get': 'forms'
})
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [self.form_data])
def test_owner_cannot_remove_self_if_no_other_owner(self):
self._project_create()
view = ProjectViewSet.as_view({
'put': 'share'
})
ManagerRole.add(self.user, self.project)
tom_data = {'username': '******', 'email': '*****@*****.**'}
bob_profile = self._create_user_profile(tom_data)
OwnerRole.add(bob_profile.user, self.project)
data = {'username': '******', 'remove': True, 'role': 'owner'}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 400)
error = {'remove': [u"Project requires at least one owner"]}
self.assertEquals(response.data, error)
self.assertTrue(OwnerRole.user_has_role(bob_profile.user,
self.project))
alice_data = {'username': '******', 'email': '*****@*****.**'}
profile = self._create_user_profile(alice_data)
OwnerRole.add(profile.user, self.project)
view = ProjectViewSet.as_view({
'put': 'share'
})
data = {'username': '******', 'remove': True, 'role': 'owner'}
request = self.factory.put('/', data=data, **self.extra)
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 204)
self.assertFalse(OwnerRole.user_has_role(bob_profile.user,
self.project))
def test_read_only_users_get_non_empty_formlist_using_preview_formlist(
self, mock_send_mail):
alice_data = {
'username': '******',
'email': '*****@*****.**',
'password1': 'alice',
'password2': 'alice'
}
alice_profile = self._create_user_profile(alice_data)
self.assertFalse(
ReadOnlyRole.user_has_role(alice_profile.user, self.project))
# share bob's project with alice
data = {
'username': '******',
'role': ReadOnlyRole.name,
'email_msg': 'I have shared the project with you'
}
request = self.factory.post('/', data=data, **self.extra)
share_view = ProjectViewSet.as_view({'post': 'share'})
projectid = self.project.pk
response = share_view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(mock_send_mail.called)
self.assertTrue(
ReadOnlyRole.user_has_role(alice_profile.user, self.project))
# check that she can authenticate successfully
request = self.factory.get('/')
response = self.view(request)
self.assertEqual(response.status_code, 401)
auth = DigestAuth('alice', 'alice')
request.META.update(auth(request.META, response))
response = self.view(request, username='******')
self.assertEqual(response.status_code, 200)
# check that alice gets an empty response when requesting bob's
# formlist
self.assertEqual(response.data, [])
# set endpoint to preview formList
self.view = PreviewXFormListViewSet.as_view({"get": "list"})
request = self.factory.get('/')
response = self.view(request)
self.assertEqual(response.status_code, 401)
self.assertNotEqual(response.data, [])
auth = DigestAuth('alice', 'alice')
request.META.update(auth(request.META, response))
response = self.view(request, username='******')
self.assertEqual(response.status_code, 200)
# check that alice does NOT get an empty response when requesting bob's
# formlist when using the preview formlist endpoint
self.assertNotEqual(response.data, [])
def test_project_update_shared_cascades_to_xforms(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({'patch': 'partial_update'})
projectid = self.project.pk
data = {'public': 'true'}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
xforms_status = XForm.objects.filter(project__pk=projectid)\
.values_list('shared', flat=True)
self.assertTrue(xforms_status[0])
self.assertEqual(response.status_code, 200)
def test_read_only_users_get_non_empty_formlist_using_preview_formlist(
self, mock_send_mail):
alice_data = {
'username': '******',
'email': '*****@*****.**',
'password1': 'alice',
'password2': 'alice'
}
alice_profile = self._create_user_profile(alice_data)
self.assertFalse(
ReadOnlyRole.user_has_role(alice_profile.user, self.project))
# share bob's project with alice
data = {
'username': '******',
'role': ReadOnlyRole.name,
'email_msg': 'I have shared the project with you'
}
request = self.factory.post('/', data=data, **self.extra)
share_view = ProjectViewSet.as_view({'post': 'share'})
projectid = self.project.pk
response = share_view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(mock_send_mail.called)
self.assertTrue(
ReadOnlyRole.user_has_role(alice_profile.user, self.project))
# check that she can authenticate successfully
request = self.factory.get('/')
response = self.view(request)
self.assertEqual(response.status_code, 401)
auth = DigestAuth('alice', 'alice')
request.META.update(auth(request.META, response))
response = self.view(request, username='******')
self.assertEqual(response.status_code, 200)
# check that alice gets an empty response when requesting bob's
# formlist
self.assertEqual(response.data, [])
# set endpoint to preview formList
self.view = PreviewXFormListViewSet.as_view({"get": "list"})
request = self.factory.get('/')
response = self.view(request)
self.assertEqual(response.status_code, 401)
self.assertNotEqual(response.data, [])
auth = DigestAuth('alice', 'alice')
request.META.update(auth(request.META, response))
response = self.view(request, username='******')
self.assertEqual(response.status_code, 200)
# check that alice does NOT get an empty response when requesting bob's
# formlist when using the preview formlist endpoint
self.assertNotEqual(response.data, [])
def test_project_add_star(self):
self._project_create()
self.assertEqual(len(self.project.user_stars.all()), 0)
view = ProjectViewSet.as_view({'post': 'star'})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
self.project.reload()
self.assertEqual(response.status_code, 204)
self.assertEqual(len(self.project.user_stars.all()), 1)
self.assertEqual(self.project.user_stars.all()[0], self.user)
def _publish_xls_form_to_project(self, publish_data={}, merge=True,
public=False, xlsform_path=None):
if not hasattr(self, 'project'):
self._project_create()
elif self.project.created_by != self.user:
self._project_create()
view = ProjectViewSet.as_view({
'post': 'forms'
})
project_id = self.project.pk
if merge:
data = {
'owner': 'http://testserver/api/v1/users/%s'
% self.project.organization.username,
'public': False,
'public_data': False,
'description': u'transportation_2011_07_25',
'downloadable': True,
'allows_sms': False,
'encrypted': False,
'sms_id_string': u'transportation_2011_07_25',
'id_string': u'transportation_2011_07_25',
'title': u'transportation_2011_07_25',
'bamboo_dataset': u''
}
data.update(publish_data)
else:
data = publish_data
path = xlsform_path or os.path.join(
settings.PROJECT_ROOT, "apps", "main", "tests", "fixtures",
"transportation", "transportation.xls")
with HTTMock(enketo_preview_url_mock, enketo_url_mock):
with open(path, 'rb') as xls_file:
post_data = {'xls_file': xls_file}
request = self.factory.post(
'/', data=post_data, **self.extra)
response = view(request, pk=project_id)
self.assertEqual(response.status_code, 201)
self.xform = XForm.objects.all().order_by('pk').reverse()[0]
data.update({
'url':
'http://testserver/api/v1/forms/%s' % (self.xform.pk)
})
# Input was a private so change to public if project public
if public:
data['public_data'] = data['public'] = True
self.form_data = response.data
def test_projects_get(self):
self._project_create()
view = ProjectViewSet.as_view({'get': 'retrieve'})
request = self.factory.get('/', **self.extra)
response = view(request)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.data,
{'detail': 'Expected URL keyword argument `owner`.'})
request = self.factory.get('/', **self.extra)
response = view(request, owner='bob', pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, self.project_data)
def test_anon_project_form_endpoint(self):
self._project_create()
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({
'get': 'forms'
})
request = self.factory.get('/')
response = view(request, pk=self.project.pk)
self.assertEqual(response.status_code, 404)
def test_project_update_shared_cascades_to_xforms(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({
'patch': 'partial_update'
})
projectid = self.project.pk
data = {'public': 'true'}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
xforms_status = XForm.objects.filter(project__pk=projectid)\
.values_list('shared', flat=True)
self.assertTrue(xforms_status[0])
self.assertEqual(response.status_code, 200)
def test_project_partial_updates_to_existing_metadata(self):
self._project_create()
view = ProjectViewSet.as_view({'patch': 'partial_update'})
projectid = self.project.pk
metadata = '{"description": "Changed description"}'
json_metadata = json.loads(metadata)
data = {'metadata': metadata}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
project = Project.objects.get(pk=projectid)
json_metadata.update(project.metadata)
self.assertEqual(response.status_code, 200)
self.assertEqual(project.metadata, json_metadata)
def test_project_update_shared_cascades_to_xforms(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({'patch': 'partial_update'})
projectid = self.project.pk
data = {'public': 'true'}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
project = Project.objects.get(pk=projectid)
project_xforms = project.projectxform_set.all()
xforms_status = {p.xform.shared for p in project_xforms}
xforms_status = list(xforms_status)
self.assertTrue(xforms_status[0])
self.assertEqual(response.status_code, 200)
def test_projects_get(self):
self._project_create()
view = ProjectViewSet.as_view({
'get': 'retrieve'
})
request = self.factory.get('/', **self.extra)
response = view(request)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.data,
{'detail': 'Expected URL keyword argument `owner`.'})
request = self.factory.get('/', **self.extra)
response = view(request, owner='bob', pk=self.project.pk)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, self.project_data)
def test_project_add_star(self):
self._project_create()
self.assertEqual(len(self.project.user_stars.all()), 0)
view = ProjectViewSet.as_view({
'post': 'star'
})
request = self.factory.post('/', **self.extra)
response = view(request, pk=self.project.pk)
self.project.reload()
self.assertEqual(response.status_code, 204)
self.assertEqual(len(self.project.user_stars.all()), 1)
self.assertEqual(self.project.user_stars.all()[0], self.user)
def test_project_share_endpoint_form_published_later(self, mock_send_mail):
# create project
self._project_create()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
projectid = self.project.pk
ROLES = [ReadOnlyRole,
DataEntryRole,
EditorRole,
ManagerRole,
OwnerRole]
for role_class in ROLES:
self.assertFalse(role_class.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': role_class.name,
'email_msg': 'I have shared the project with you'}
request = self.factory.post('/', data=data, **self.extra)
view = ProjectViewSet.as_view({
'post': 'share'
})
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
self.assertTrue(mock_send_mail.called)
self.assertTrue(role_class.user_has_role(alice_profile.user,
self.project))
# publish form after project sharing
self._publish_xls_form_to_project()
self.assertTrue(role_class.user_has_role(alice_profile.user,
self.xform))
# Reset the mock called value to False
mock_send_mail.called = False
data = {'username': '******', 'role': ''}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.get('Last-Modified'), None)
self.assertFalse(mock_send_mail.called)
role_class._remove_obj_permissions(alice_profile.user,
self.project)
self.xform.delete()
def test_project_update_shared_cascades_to_xforms(self):
self._publish_xls_form_to_project()
view = ProjectViewSet.as_view({
'patch': 'partial_update'
})
projectid = self.project.pk
data = {'public': 'true'}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
project = Project.objects.get(pk=projectid)
project_xforms = project.projectxform_set.all()
xforms_status = {p.xform.shared for p in project_xforms}
xforms_status = list(xforms_status)
self.assertTrue(xforms_status[0])
self.assertEqual(response.status_code, 200)
def test_project_partial_updates_to_existing_metadata(self):
self._project_create()
view = ProjectViewSet.as_view({
'patch': 'partial_update'
})
projectid = self.project.pk
metadata = '{"description": "Changed description"}'
json_metadata = json.loads(metadata)
data = {'metadata': metadata}
request = self.factory.patch('/', data=data, **self.extra)
response = view(request, pk=projectid)
project = Project.objects.get(pk=projectid)
json_metadata.update(project.metadata)
self.assertEqual(response.status_code, 200)
self.assertEqual(project.metadata, json_metadata)
def test_project_share_readonly_no_downloads(self):
# create project and publish form to project
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
tom_data = {'username': '******', 'email': '*****@*****.**'}
tom_data = self._create_user_profile(tom_data)
projectid = self.project.pk
self.assertFalse(
ReadOnlyRoleNoDownload.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': ReadOnlyRoleNoDownload.name}
request = self.factory.post('/', data=data, **self.extra)
view = ProjectViewSet.as_view({
'post': 'share',
'get': 'retrieve'
})
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
data = {'username': '******', 'role': ReadOnlyRole.name}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
# get the users
users = response.data.get('users')
self.assertEqual(len(users), 3)
for user in users:
if user.get('user') == 'bob':
self.assertEquals(user.get('role'), 'owner')
elif user.get('user') == 'alice':
self.assertEquals(user.get('role'), 'readonly-no-download')
elif user.get('user') == 'tom':
self.assertEquals(user.get('role'), 'readonly')
