def setUp(self):
super(TestRdmUserKey, self).setUp()
self.user = AuthUserFactory()
def user_non_contrib(self):
return AuthUserFactory()
def test_settings_detail_raises_error_if_noncontrib_not_public_GET(self):
noncontrib = AuthUserFactory()
res = self.app.get(self.setting_detail_url,
auth=noncontrib.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def provider_admin(self, provider):
user = AuthUserFactory()
user.groups.add(provider.get_group(permissions.ADMIN))
return user
def preprint_admin(self, preprint):
user = AuthUserFactory()
preprint.add_contributor(user, permissions.ADMIN)
return user
def admin(self):
user = AuthUserFactory()
user.is_staff = True
user.add_system_tag('preprint_metrics')
user.save()
return user
def user_two(self):
return AuthUserFactory()
def moderator_pair(self, expected_providers):
user = AuthUserFactory()
provider = expected_providers[0]
user.groups.add(GroupHelper(provider).get_group('moderator'))
return (user, provider)
def admin_pair(self, expected_providers):
user = AuthUserFactory()
provider = expected_providers[1]
user.groups.add(GroupHelper(provider).get_group('admin'))
return (user, provider)
def user_two(self, institution):
user_two = AuthUserFactory(fullname='Chance The Rapper')
user_two.affiliated_institutions.add(institution)
user_two.save()
return user_two
def setUp(self):
super(CommentDetailMixin, self).setUp()
self.user = AuthUserFactory()
self.contributor = AuthUserFactory()
self.non_contributor = AuthUserFactory()
def setUp(self): super(PreprintCitationsMixin, self).setUp() self.admin_contributor = AuthUserFactory() self.published_preprint = PreprintFactory(creator=self.admin_contributor) self.unpublished_preprint = PreprintFactory(creator=self.admin_contributor, is_published=False)
def setUp(self):
super(TestUserReindex, self).setUp()
self.request = RequestFactory().post('/fake_path')
self.user = AuthUserFactory()
def setUp(self):
super(TestCompleteView, self).setUp()
self.user = AuthUserFactory()
self.request = RequestFactory().get('/fake_path')
self.view = views.CompleteView()
self.view = setup_user_view(self.view, self.request, user=self.user)
def moderator(self, provider):
moderator = AuthUserFactory()
moderator.groups.add(GroupHelper(provider).get_group('moderator'))
return moderator
def user(self, allowed_providers):
user = AuthUserFactory()
for provider in allowed_providers:
user.groups.add(GroupHelper(provider).get_group('moderator'))
return user
def contrib(self):
return AuthUserFactory()
def test_create_permissions(self, app, url, preprint, node_admin,
moderator):
assert preprint.machine_state == 'initial'
submit_payload = self.create_payload(preprint._id, trigger='submit')
# Unauthorized user can't submit
res = app.post_json_api(url, submit_payload, expect_errors=True)
assert res.status_code == 401
# A random user can't submit
some_rando = AuthUserFactory()
res = app.post_json_api(url,
submit_payload,
auth=some_rando.auth,
expect_errors=True)
assert res.status_code == 403
# Node admin can submit
res = app.post_json_api(url, submit_payload, auth=node_admin.auth)
assert res.status_code == 201
preprint.refresh_from_db()
assert preprint.machine_state == 'pending'
assert not preprint.is_published
accept_payload = self.create_payload(preprint._id,
trigger='accept',
comment='This is good.')
# Unauthorized user can't accept
res = app.post_json_api(url, accept_payload, expect_errors=True)
assert res.status_code == 401
# A random user can't accept
res = app.post_json_api(url,
accept_payload,
auth=some_rando.auth,
expect_errors=True)
assert res.status_code == 403
# Moderator from another provider can't accept
another_moderator = AuthUserFactory()
another_moderator.groups.add(
PreprintProviderFactory().get_group('moderator'))
res = app.post_json_api(url,
accept_payload,
auth=another_moderator.auth,
expect_errors=True)
assert res.status_code == 403
# Node admin can't accept
res = app.post_json_api(url,
accept_payload,
auth=node_admin.auth,
expect_errors=True)
assert res.status_code == 403
# Still unchanged after all those tries
preprint.refresh_from_db()
assert preprint.machine_state == 'pending'
assert not preprint.is_published
# Moderator can accept
res = app.post_json_api(url, accept_payload, auth=moderator.auth)
assert res.status_code == 201
preprint.refresh_from_db()
assert preprint.machine_state == 'accepted'
assert preprint.is_published
def test_authentication(self, app, user, private_project, pointer,
private_registration, private_registration_url,
private_fork, private_component):
# test_cannot_access_private_registration_forks_list_unauthenticated
res = app.get(private_registration_url, expect_errors=True)
assert res.status_code == 401
assert res.json['errors'][0][
'detail'] == exceptions.NotAuthenticated.default_detail
# test_authenticated_contributor_can_access_private_registration_forks_list
res = app.get(
'{}?embed=children&embed=node_links&embed=logs&embed=contributors&embed=forked_from'
.format(private_registration_url),
auth=user.auth)
assert res.status_code == 200
assert len(res.json['data']) == 1
data = res.json['data'][0]
assert data['attributes']['title'] == 'Fork of ' + \
private_project.title
assert data['id'] == private_fork._id
fork_contributors = data['embeds']['contributors']['data'][0][
'embeds']['users']['data']
assert fork_contributors['attributes'][
'family_name'] == user.family_name
assert fork_contributors['id'] == user._id
forked_children = data['embeds']['children']['data'][0]
assert forked_children['id'] == private_registration.forks.first(
).get_nodes(is_node_link=False)[0]._id
assert forked_children['attributes'][
'title'] == private_component.title
forked_node_links = data['embeds']['node_links']['data'][0]['embeds'][
'target_node']['data']
assert forked_node_links['id'] == pointer._id
assert forked_node_links['attributes']['title'] == pointer.title
assert not data['attributes']['registration']
assert data['attributes']['fork'] is True
expected_logs = list(
private_registration.logs.values_list('action', flat=True))
expected_logs.append('node_forked')
forked_logs = data['embeds']['logs']['data']
assert set(expected_logs) == set(log['attributes']['action']
for log in forked_logs)
assert len(forked_logs) == len(expected_logs)
forked_from = data['embeds']['forked_from']['data']
assert forked_from['id'] == private_registration._id
# test_authenticated_non_contributor_cannot_access_private_registration_forks_list
non_contributor = AuthUserFactory()
res = app.get(private_registration_url,
auth=non_contributor.auth,
expect_errors=True)
assert res.status_code == 403
assert res.json['errors'][0][
'detail'] == exceptions.PermissionDenied.default_detail
def test_non_owner_cant_delete(self, app, user_app_url):
non_owner = AuthUserFactory()
res = app.delete(user_app_url, auth=non_owner.auth, expect_errors=True)
assert res.status_code == 403
def user_three(self):
return AuthUserFactory()
def test_weko_get_node_settings_unauthorized(self):
url = self.node_settings.owner.api_url_for('weko_get_config')
unauthorized = AuthUserFactory()
ret = self.app.get(url, auth=unauthorized.auth, expect_errors=True)
assert_equal(ret.status_code, 403)
def provider_moderator(self, provider):
user = AuthUserFactory()
user.groups.add(provider.get_group('moderator'))
return user
def user_read_contrib(self):
return AuthUserFactory()
def user_write_contrib(self):
return AuthUserFactory()
def test_cannot_create_linked_registrations_relationship(
self, app, make_request, user_admin_contrib, user_read_contrib,
user_non_contrib, node_private, make_payload):
# test_read_contributor_cannot_create_linked_registrations_relationship
registration = RegistrationFactory(is_public=True)
res = make_request(node_id=node_private._id,
reg_id=registration._id,
auth=user_read_contrib.auth,
expect_errors=True)
assert res.status_code == 403
assert res.json['errors'][0][
'detail'] == exceptions.PermissionDenied.default_detail
# test_non_contributor_cannot_create_linked_registrations_relationship
registration = RegistrationFactory(is_public=True)
res = make_request(node_id=node_private._id,
reg_id=registration._id,
auth=user_non_contrib.auth,
expect_errors=True)
assert res.status_code == 403
assert res.json['errors'][0][
'detail'] == exceptions.PermissionDenied.default_detail
# test_read_osf_group_mem_cannot_create_linked_registrations_relationship
group_mem = AuthUserFactory()
group = OSFGroupFactory(creator=group_mem)
node_private.add_osf_group(group, READ)
registration = RegistrationFactory(is_public=True)
res = make_request(node_id=node_private._id,
reg_id=registration._id,
auth=group_mem.auth,
expect_errors=True)
assert res.status_code == 403
# test_unauthenticated_user_cannot_create_linked_registrations_relationship
registration = RegistrationFactory(is_public=True)
res = make_request(node_id=node_private._id,
reg_id=registration._id,
expect_errors=True)
assert res.status_code == 401
assert res.json['errors'][0][
'detail'] == exceptions.NotAuthenticated.default_detail
# test_cannot_create_linked_registrations_relationship_invalid_registration_guid
res = make_request(node_id=node_private._id,
reg_id='abcde',
auth=user_admin_contrib.auth,
expect_errors=True)
assert res.status_code == 404
assert res.json['errors'][0][
'detail'] == 'Node with id "abcde" was not found'
# test_cannot_create_linked_registration_relationship_to_private_registration_if_non_contributor
registration = RegistrationFactory()
res = make_request(node_id=node_private._id,
reg_id=registration._id,
auth=user_admin_contrib.auth,
expect_errors=True)
assert res.status_code == 403
assert res.json['errors'][0][
'detail'] == exceptions.PermissionDenied.default_detail
# test_cannot_create_relationship_with_child_registration
child_reg = RegistrationFactory(creator=user_admin_contrib)
NodeRelationFactory(child=child_reg, parent=node_private)
url = '/{}nodes/{}/relationships/linked_registrations/'.format(
API_BASE, node_private._id)
data = make_payload(registration_id=child_reg._id)
res = app.post_json_api(url,
data,
auth=user_admin_contrib.auth,
expect_errors=True)
assert res.status_code == 400
assert res.json['errors'][0][
'detail'] == 'Target Node \'{}\' is already a child of \'{}\'.'.format(
child_reg._id, node_private._id)
# test_cannot_create_link_registration_to_itself
res = make_request(node_id=node_private._id,
reg_id=node_private._id,
auth=user_admin_contrib.auth,
expect_errors=True)
assert res.status_code == 400
assert res.json['errors'][0][
'detail'] == 'Cannot link node \'{}\' to itself.'.format(
node_private._id)
def user():
return AuthUserFactory()
def node_admin(self):
return AuthUserFactory()
def test_folder_list_GET_raises_error_noncontrib_not_public(self):
noncontrib = AuthUserFactory()
res = self.app.get(self.folder_url,
auth=noncontrib.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def other_user(self):
return AuthUserFactory()
