class SimpleTest(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.user = User.objects.create_user(username='******', email='*****@*****.**', password='******')
def test_not_authorized(self):
""" Tests that an unauthenticed request fails """
request = self.factory.get('/s3/signatures/?s3_object_name=1', format='json')
response = views.s3signatures(request)
assert response.status_code == 401, 'unauthorized attempt should cause http status 401, not %d' % (response.status_code)
def test_missing_params(self):
""" Tests that missing params return a bad request status """
request = self.factory.get('/s3/signatures/', format='json')
request.user = self.user
force_authenticate(request, user=self.user)
response = views.s3signatures(request)
assert response.status_code == 400, 'missing s3_object_name should cause http status 400, not %d' % (response.status_code)
def test_success(self):
request = self.factory.get('/s3/signatures/?s3_object_name=1', format='json')
request.user = self.user
force_authenticate(request, user=self.user)
response = views.s3signatures(request)
assert response.status_code == 200, 'successful message should return http status 200, not %d' % (response.status_code)
class SimpleTest(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.user = User.objects.create_user(username='******', email='*****@*****.**', password='******')
def test_not_authorized(self):
""" Tests that an unauthenticed request fails """
request = self.factory.get('/s3/signatures/?s3_object_name=1', format='json')
response = views.s3signatures(request)
assert response.status_code == 401, 'unauthorized attempt should cause http status 401, not %d' % (response.status_code)
def test_missing_params(self):
""" Tests that missing params return a bad request status """
request = self.factory.get('/s3/signatures/', format='json')
request.user = self.user
force_authenticate(request, user=self.user)
response = views.s3signatures(request)
assert response.status_code == 400, 'missing s3_object_name should cause http status 400, not %d' % (response.status_code)
@unittest.skip("""
I upgraded rest_framework and this test started failing and I think the problem may be
due to force_authenticate. I don't want to debug the test framework right now, particularly
since we aren't using /s3/signatures/ right now.
""")
def test_success(self):
request = self.factory.get('/s3/signatures/?s3_object_name=1', format='json')
request.user = self.user
force_authenticate(request, user=self.user)
response = views.s3signatures(request)
assert response.status_code == 200, 'successful message should return http status 200, not %d' % (response.status_code)
def setUp(self):
self.list_view = ViewSet.as_view({'get': 'list'})
self.detailed_view = ViewSet.as_view({'get': 'retrieve'})
self.anonymous_user = AnonymousUserFactory()
self.user = UserFactory.create()
self.group = GroupFactory.create(name=self.user.username)
self.staff_user = UserFactory.create(is_staff=True)
self.provider = ProviderFactory.create()
self.quota = QuotaFactory.create()
self.identity = IdentityFactory.create(
provider=self.provider, quota=self.quota, created_by=self.user
)
IdentityMembershipFactory.create(
member=self.group,
identity=self.identity,
)
factory = APIRequestFactory()
detail_url = reverse(
'api:v2:identity-detail', args=(self.identity.id, )
)
self.detail_request = factory.get(detail_url)
list_url = reverse('api:v2:identity-list')
self.list_request = factory.get(list_url)
def test_parse_query_parameters(self):
"""Test the parsing of query parameters."""
# test a get with group, summary, start, end and user
test_cloud_view = CloudRecordSummaryView()
factory = APIRequestFactory()
url = ''.join((reverse('CloudRecordSummaryView'),
'?group=Group1',
'&service=Service1',
'&from=FromDate',
'&to=ToDate',
'&user=UserA'))
request = factory.get(url)
parsed_responses = test_cloud_view._parse_query_parameters(request)
self.assertEqual(parsed_responses,
("Group1", "Service1", "FromDate",
"ToDate", "UserA"))
# test a get with just an end date
url = ''.join((reverse('CloudRecordSummaryView'),
'?to=ToDate'))
request = factory.get(url)
parsed_responses = test_cloud_view._parse_query_parameters(request)
self.assertEqual(parsed_responses,
(None, None, None,
"ToDate", None))
class BaseTestCase(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.username = '******'
self.email = '*****@*****.**'
self.password = '******'
self.settings(JWT_AUTH=JWT_AUTH)
self.user = User.objects.create_activate_user(username=self.username, email=self.email,
password=self.password)
def auth_post(self, url, data=None):
request = self.factory.post(url, data=data)
force_authenticate(request, user=self.user)
return request
def auth_get(self, url, data=None):
request = self.factory.get(url, data=data)
force_authenticate(request, user=self.user)
return request
def get(self, url, data=None):
request = self.factory.get(url, data=data)
return request
def post(self, url, data=None):
request = self.factory.post(url, data=data)
return request
class TestDataViews(APITestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.client = APIClient()
self.user = setup_user()
self.view = views.Data.as_view()
self.uri = '/v1/geo/data/'
def test_not_authenticated_uri(self):
"""
not authorized access not allowed
"""
request = self.factory.get(self.uri)
response = self.view(request)
response.render()
self.assertEqual(response.status_code, 401,
'Expected Response Code 401, received {0} instead.'
.format(response.status_code))
def test_authenticated_uri(self):
"""
ensure that uri is authorized access only
"""
request = self.factory.get(self.uri)
force_authenticate(request, self.user)
response = self.view(request)
response.render()
self.assertEqual(response.status_code, 200,
'Expected Response Code 200, received {0} instead.'
.format(response.status_code))
def test_authenticated_or_scoped_permission_allow(self):
self.access_token.scope = 'scope1'
self.access_token.save()
# correct token and correct scope
auth = self._create_authorization_header(self.access_token.token)
response = self.client.get("/oauth2-authenticated-or-scoped-test/", HTTP_AUTHORIZATION=auth)
self.assertEqual(response.status_code, 200)
auth = self._create_authorization_header("fake-token")
# incorrect token but authenticated
factory = APIRequestFactory()
request = factory.get("/oauth2-authenticated-or-scoped-test/")
request.auth = auth
force_authenticate(request, self.test_user)
response = AuthenticatedOrScopedView.as_view()(request)
self.assertEqual(response.status_code, 200)
# correct token but not authenticated
request = factory.get("/oauth2-authenticated-or-scoped-test/")
request.auth = auth
self.access_token.scope = 'scope1'
self.access_token.save()
force_authenticate(request, token=self.access_token)
response = AuthenticatedOrScopedView.as_view()(request)
self.assertEqual(response.status_code, 200)
class TestRequestHeaderToken(APITestCase):
def setUp(self):
self.username = '******'
self.password = '******'
self.user = User.objects.create_user(self.username, '*****@*****.**', self.password)
self.token = Token.objects.get()
self.factory = APIRequestFactory()
self.view = MockView()
def test_token_auth_on_by_default(self):
authenticators = self.view.get_authenticators()
self.assertGreaterEqual(len(authenticators), 1)
self.assertEqual(type(TokenAuthentication()), type(authenticators[0]))
def test_header_enables_auth(self):
# set up request
header = "Token %s" % self.token.key
request = self.factory.get('/', HTTP_AUTHORIZATION=header)
auth_request = self.view.initialize_request(request)
# user is correctly associated with request
self.assertEqual(auth_request.user, self.user)
def test_auth_header_name(self):
header = "Token %s" % self.token.key
request = self.factory.get('/', HTTP_AUTHORIZATION=header)
self.assertIn('HTTP_AUTHORIZATION', request.META)
class ChoiceDetail(APITestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.client = APIClient()
self.user = setup_user()
self.view = views.PollList.as_view()
self.uri = '/choices/pk/'
def test_unauthenticated_uri(self):
"""
If not authorized access not allowed
"""
request = self.factory.get(self.uri)
response = self.view(request, pk='2')
self.assertEqual(response.status_code, 401,
'Expected Response Code 401, received {0} instead.'
.format(response.status_code))
def test_authenticated_uri(self):
"""
GET
"""
request = self.factory.get(self.uri)
force_authenticate(request, self.user)
response = self.view(request, pk='2')
self.assertEqual(response.status_code, 200,
'Expected Response Code 200, received {0} instead.'
.format(response.status_code))
def test_get_game_data_player(self):
"""
Should return game session data for authenticated user upon GET
request to /play/<session_id>/ag
Should only return when its that users turn to play.
"""
test_session = GameSession.objects.get(id=1)
test_session.set_turn_data(test_json_data_global, "V")
factory = APIRequestFactory()
user = User.objects.get(username='******')
view = GameREST.as_view()
url = 'play/' + str(test_session.id) + '/ag/'
request = factory.get(url)
force_authenticate(request, user=user)
response = view(request, test_session.id)
self.assertEqual(response.data['turn_data'], test_json_data_global)
# This test is not the user that should play next
user2 = User.objects.get(username='******')
request2 = factory.get(url)
force_authenticate(request2, user=user2)
response2 = view(request2, test_session.id)
self.assertEqual(response2.data['detail'],
'You do not have permission to perform this action.')
class TestCustomPageNumberPagination(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.view = generics.ListAPIView.as_view(
serializer_class=PassThroughSerializer,
queryset=range(1, 101),
pagination_class=CustomPageNumberPagination
)
def test_metadata_with_page_size(self):
request = self.factory.get('/', {'page_size': 10, 'page': 2})
response = self.view(request)
assert response.status_code == status.HTTP_200_OK
assert response.data == {
'page_size': 10,
'page_count': 10,
'results': range(11, 21),
'previous': 'http://testserver/?page_size=10',
'next': 'http://testserver/?page=3&page_size=10',
'count': 100
}
def test_metadata_with_default_page_size(self):
request = self.factory.get('/')
response = self.view(request)
assert response.status_code == status.HTTP_200_OK
assert response.data == {
'page_size': 25,
'page_count': 4,
'results': range(1, 26),
'previous': None,
'next': 'http://testserver/?page=2',
'count': 100
}
def test_paginate_result(self):
"""Test an empty result is paginated correctly."""
# test when no page is given.
test_cloud_view = CloudRecordSummaryView()
content = test_cloud_view._paginate_result(None, [])
expected_content = {'count': 0,
'previous': None,
u'results': [],
'next': None}
self.assertEqual(content, expected_content)
# test when page number is incorrect/invalid
factory = APIRequestFactory()
# test when page number is not a number
url = ''.join((reverse('CloudRecordSummaryView'),
'?page=a'))
request = factory.get(url)
content = test_cloud_view._paginate_result(request, [])
self.assertEqual(content, expected_content)
# test when page number is out of bounds
url = ''.join((reverse('CloudRecordSummaryView'),
'?page=9999'))
request = factory.get(url)
content = test_cloud_view._paginate_result(request, [])
self.assertEqual(content, expected_content)
class FileStoreItemsAPITests(APITestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.item = FileStoreItem.objects.create(
source='http://example.org/test_file.dat'
)
self.view = FileStoreItems.as_view()
self.url_root = '/api/v2/file_store_items/'
def test_get_ok_response_with_valid_uuid(self):
request = self.factory.get(self.url_root + self.item.uuid + '/')
response = self.view(request, self.item.uuid)
self.assertEqual(response.status_code, 200)
def test_get_data_with_valid_uuid(self):
expected_response = FileStoreItemSerializer(self.item)
request = self.factory.get(self.url_root + self.item.uuid + '/')
response = self.view(request, self.item.uuid)
response_keys = response.data.keys()
for field in response_keys:
self.assertEqual(response.data[field],
expected_response.data[field])
def test_get_not_found_response_with_nonexistent_uuid(self):
non_existent_uuid = str(uuid.uuid4())
request = self.factory.get(self.url_root + non_existent_uuid + '/')
response = self.view(request, non_existent_uuid)
self.assertEqual(response.status_code, 404)
def test_list_users(self):
#only authenticated admin user should be able to see the user listing
factory = APIRequestFactory()
view = AccountList.as_view()
#unauthenticated
unauth_req = factory.get('/api/v1/users/')
response = view(unauth_req)
self.assertEquals(response.status_code, status.HTTP_401_UNAUTHORIZED)
#authenticated but not admin
user = self.normal_user
auth_request = factory.get('/api/v1/users/')
force_authenticate(auth_request, user=user, token=self.normal_token)
response = view(auth_request)
self.assertEquals(response.status_code, 403)
#authenticated admin -> OK
user = self.super_user
auth_request = factory.get('/api/v1/users/')
force_authenticate(auth_request, user=user, token=self.super_token)
response = view(auth_request)
#check that the id of the list's first item if 1
self.assertTrue(response.data[0]['id']==1)
self.assertEquals(response.status_code, 200)
#check that you are able to get only certain accouts using pks
auth_request = factory.get('/api/v1/users/?ids=1,3')
force_authenticate(auth_request, user=user, token=self.super_token)
response = view(auth_request)
self.assertEqual(len(response.data), 2)
self.assertEqual(sorted([e['id'] for e in response.data]), [1, 3])
def test_get_object_bounding_box_single_cuboid(self):
""" Test getting the bounding box of a object"""
test_mat = np.ones((128, 128, 16))
test_mat[0:128, 0:128, 0:16] = 4
test_mat = test_mat.astype(np.uint64)
test_mat = test_mat.reshape((16, 128, 128))
bb = blosc.compress(test_mat, typesize=64)
# Create request
factory = APIRequestFactory()
request = factory.post('/' + version + '/cutout/col1/exp1/bbchan1/0/1536:1664/1536:1664/0:16/', bb,
content_type='application/blosc')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = Cutout.as_view()(request, collection='col1', experiment='exp1', channel='bbchan1',
resolution='0', x_range='1536:1664', y_range='1536:1664', z_range='0:16', t_range=None)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
# Create Request to get data you posted
request = factory.get('/' + version + '/cutout/col1/exp1/bbchan1/0/1536:1664/1536:1664/0:16/',
accepts='application/blosc')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = Cutout.as_view()(request, collection='col1', experiment='exp1', channel='bbchan1',
resolution='0', x_range='1536:1664', y_range='1536:1664', z_range='0:16', t_range=None).render()
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Decompress
raw_data = blosc.decompress(response.content)
data_mat = np.fromstring(raw_data, dtype=np.uint64)
data_mat = np.reshape(data_mat, (16, 128, 128), order='C')
# Test for data equality (what you put in is what you got back!)
np.testing.assert_array_equal(data_mat, test_mat)
# get the bounding box
# Create request
factory = APIRequestFactory()
request = factory.get('/' + version + '/boundingbox/col1/exp1/bbchan1/0/4')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = BoundingBox.as_view()(request, collection='col1', experiment='exp1', channel='bbchan1',
resolution='0', id='4')
self.assertEqual(response.status_code, status.HTTP_200_OK)
bb = response.data
self.assertEqual(bb['t_range'], [0, 1])
self.assertEqual(bb['x_range'], [1536, 2048])
self.assertEqual(bb['y_range'], [1536, 2048])
self.assertEqual(bb['z_range'], [0, 16])
class IngredientListTestCase(TestCase):
def setUp(self):
super(IngredientListTestCase, self).setUp()
self.rf = APIRequestFactory()
self.view = IngredientListCreateAPIView.as_view()
self.user = mommy.make(settings.AUTH_USER_MODEL)
def test_without_authenticated_user(self):
self.assertEqual(Ingredient.objects.count(), 0)
request = self.rf.get(reverse('ingredients_list_and_create'))
raw_response = self.view(request)
response = raw_response.render()
self.assertEqual(response.status_code, 403)
self.assertEqual(
response.data,
{
'detail': 'Authentication credentials were not provided.'
}
)
def test_no_ingredients(self):
self.assertEqual(Ingredient.objects.count(), 0)
request = self.rf.get(reverse('ingredients_list_and_create'))
force_authenticate(request, user=self.user)
raw_response = self.view(request)
response = raw_response.render()
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data, [])
def test_only_one_ingredient(self):
ingredient = mommy.make('Ingredient')
request = self.rf.get(reverse('ingredients_list_and_create'))
force_authenticate(request, user=self.user)
raw_response = self.view(request)
response = raw_response.render()
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 1)
obj = response.data[0]
self.assertEqual(obj['name'], ingredient.name)
self.assertEqual(obj['id'], ingredient.id)
def test_several_ingredients(self):
ingredient = mommy.make('Ingredient', _quantity=20)
request = self.rf.get(reverse('ingredients_list_and_create'))
force_authenticate(request, user=self.user)
raw_response = self.view(request)
response = raw_response.render()
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 20)
class CommonApiSerializerTests(APITestCase):
"""
Serializer tests.
"""
def setUp(self):
self.factory = APIRequestFactory()
def test_RegionSerializer(self):
name = 'Test Region'
region = Region.objects.create(name=name)
url = reverse('region-detail', (region.id, ))
request = self.factory.get(url)
absolute_url = request.build_absolute_uri()
serializer = RegionSerializer(instance=region, context={'request': request})
self.assertEqual(serializer.data, {'id': str(region.id),
'name': name,
'url': absolute_url})
def test_PositionSerializer(self):
name = 'Test Position'
position = Position.objects.create(name=name)
url = reverse('position-detail', (position.id, ))
request = self.factory.get(url)
absolute_url = request.build_absolute_uri()
serializer = PositionSerializer(instance=position, context={'request': request})
self.assertEqual(serializer.data, {'id': str(position.id),
'name': name,
'secondary': False,
'url': absolute_url})
def test_SkillBracketSerializer(self):
name = 'Test Skill Bracket'
skill_bracket = SkillBracket.objects.create(name=name)
url = reverse('skillbracket-detail', (skill_bracket.id, ))
request = self.factory.get(url)
absolute_url = request.build_absolute_uri()
serializer = SkillBracketSerializer(instance=skill_bracket, context={'request': request})
self.assertEqual(serializer.data, {'id': str(skill_bracket.id),
'name': name,
'url': absolute_url})
def test_MembershipSerializer(self):
user = TFUser.objects.create_user('*****@*****.**', '12345678')
player = user.player
team = Team.objects.create(name='team')
member = TeamMember.objects.create(player=player, team=team)
url = reverse('teammember-detail', (member.id, ))
request = self.factory.get(url)
absolute_url = request.build_absolute_uri()
serializer = MembershipSerializer(instance=member, context={'request': request})
expected_data = {
'id': str(member.id),
'player': member.player.id,
'team': member.team.id,
'position': None,
'url': absolute_url
}
self.assertLessEqual(expected_data.items(), serializer.data.items())
def test_request_factory_url_arguments(self):
"""
This is a non regression test against #1461
"""
factory = APIRequestFactory()
request = factory.get("/view/?demo=test")
self.assertEqual(dict(request.GET), {"demo": ["test"]})
request = factory.get("/view/", {"demo": "test"})
self.assertEqual(dict(request.GET), {"demo": ["test"]})
def test_request_factory_url_arguments(self):
"""
This is a non regression test against #1461
"""
factory = APIRequestFactory()
request = factory.get('/view/?demo=test')
self.assertEqual(dict(request.GET), {'demo': ['test']})
request = factory.get('/view/', {'demo': 'test'})
self.assertEqual(dict(request.GET), {'demo': ['test']})
class CollectionResourceTest(TestCase):
def setUp(self):
self.api_client = APIRequestFactory()
self.list_url = reverse("resolwe-api:collection-list")
# TODO: add object's id
# self.detail_url = reverse('resolwe-api:collection-detail')
def test_readonly_fields(self):
self.api_client.get(self.list_url)
class LinkHeaderPaginationTests(APITestCase):
def setUp(self):
self.requests = APIRequestFactory()
def handle(self, req):
resp = DummyView.as_view()(req)
resp.render()
return resp
def test_next(self):
''''The paginator should set the Link header to a next link if there is
a next page'''
for _ in range(3):
SeedOrganization.objects.create()
resp = self.handle(self.requests.get('/?page=1&page_size=2'))
self.assertEqual(
resp['Link'],
'<http://testserver/?page=2&page_size=2>; rel="next"')
def test_prev(self):
''''The paginator should set the Link header to a previous link if
there is a previous page'''
for _ in range(3):
SeedOrganization.objects.create()
resp = self.handle(self.requests.get('/?page=2&page_size=2'))
self.assertEqual(
resp['Link'],
'<http://testserver/?page_size=2>; rel="prev"')
def test_next_and_prev(self):
''''The paginator should set the Link header to a next and previous
link if there are both a next and a previous page'''
pass
for _ in range(5):
SeedOrganization.objects.create()
resp = self.handle(self.requests.get('/?page=2&page_size=2'))
self.assertEqual(
resp['Link'],
'<http://testserver/?page=3&page_size=2>; rel="next", '
'<http://testserver/?page_size=2>; rel="prev"')
def test_no_next_no_prev(self):
'''The paginator should not set the Link header if there is not a next
or previous page'''
for _ in range(2):
SeedOrganization.objects.create()
resp = self.handle(self.requests.get('/?page=1&page_size=2'))
self.assertTrue('Link' not in resp)
class AssaysAPITests(APITestCase):
def setUp(self):
self.factory = APIRequestFactory()
investigation = Investigation.objects.create()
study = Study.objects.create(
file_name='test_filename123.txt',
title='Study Title Test',
investigation=investigation)
self.assay = {
'study': study,
'measurement': 'transcription factor binding site',
'measurement_accession': 'http://www.testurl.org/testID',
'measurement_source': 'OBI',
'technology': 'nucleotide sequencing',
'technology_accession': 'test info',
'technology_source': 'test source',
'platform': 'Genome Analyzer II',
'file_name': 'test_assay_filename.txt'
}
assay = Assay.objects.create(**self.assay)
self.assay['uuid'] = assay.uuid
self.assay['study'] = study.id
self.valid_uuid = assay.uuid
self.url_root = '/api/v2/assays/'
self.view = Assays.as_view()
self.invalid_uuid = "0xxx000x-00xx-000x-xx00-x00x00x00x0x"
self.invalid_format_uuid = "xxxxxxxx"
def tearDown(self):
Assay.objects.all().delete()
Study.objects.all().delete()
Investigation.objects.all().delete()
def test_get_valid(self):
# valid_uuid
request = self.factory.get('%s/%s/' % (self.url_root, self.valid_uuid))
response = self.view(request, self.valid_uuid)
self.assertEqual(response.status_code, 200)
self.assertItemsEqual(response.data.keys(), self.assay.keys())
self.assertItemsEqual(response.data.values(), self.assay.values())
def test_get_invalid(self):
# invalid_uuid
request = self.factory.get('%s/%s/' % (self.url_root,
self.invalid_uuid))
response = self.view(request, self.invalid_uuid)
self.assertEqual(response.status_code, 404)
def test_get_invalid_format(self):
# invalid_format_uuid
request = self.factory.get('%s/%s/'
% (self.url_root, self.invalid_format_uuid))
response = self.view(request, self.invalid_format_uuid)
self.assertEqual(response.status_code, 404)
def test_channel_uint64_cuboid_aligned_no_offset_no_time_blosc(self):
""" Test uint64 data, cuboid aligned, no offset, no time samples"""
test_mat = np.ones((128, 128, 16))
test_mat = test_mat.astype(np.uint64)
test_mat = test_mat.reshape((16, 128, 128))
bb = blosc.compress(test_mat, typesize=64)
# Create request
factory = APIRequestFactory()
request = factory.post('/' + version + '/cutout/col1/exp1/layer1/0/0:128/0:128/0:16/', bb,
content_type='application/blosc')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = Cutout.as_view()(request, collection='col1', experiment='exp1', channel='layer1',
resolution='0', x_range='0:128', y_range='0:128', z_range='0:16', t_range=None)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
# Create Request to get data you posted
request = factory.get('/' + version + '/cutout/col1/exp1/layer1/0/0:128/0:128/0:16/',
accepts='application/blosc')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = Cutout.as_view()(request, collection='col1', experiment='exp1', channel='layer1',
resolution='0', x_range='0:128', y_range='0:128', z_range='0:16', t_range=None).render()
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Decompress
raw_data = blosc.decompress(response.content)
data_mat = np.fromstring(raw_data, dtype=np.uint64)
data_mat = np.reshape(data_mat, (16, 128, 128), order='C')
# Test for data equality (what you put in is what you got back!)
np.testing.assert_array_equal(data_mat, test_mat)
# get the bounding box
# Create request
factory = APIRequestFactory()
request = factory.get('/' + version + '/ids/col1/exp1/layer1/0/0:128/0:128/0:16/')
# log in user
force_authenticate(request, user=self.user)
# Make request
response = Ids.as_view()(request, collection='col1', experiment='exp1', channel='layer1',
resolution='0', x_range='0:128', y_range='0:128', z_range='0:16',
t_range=None)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['ids'], ['1'])
class TestChartsViewSet(TestBase):
def setUp(self):
super(self.__class__, self).setUp()
# publish tutorial form as it has all the different field types
self._publish_xls_file_and_set_xform(
os.path.join(
os.path.dirname(__file__),
'..', 'fixtures', 'forms', 'tutorial', 'tutorial.xls'))
self.api_client = APIClient()
self.api_client.login(
username=self.login_username, password=self.login_password)
self.view = ChartsViewSet.as_view({
'get': 'retrieve'
})
self.request_factory = APIRequestFactory()
def test_get_on_categorized_field(self):
data = {'field_name': 'gender'}
request = self.request_factory.get('/charts', data)
force_authenticate(request, user=self.user)
response = self.view(
request,
pk=self.xform.id
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['field_type'], 'select one')
self.assertEqual(response.data['field_name'], 'gender')
self.assertEqual(response.data['data_type'], 'categorized')
def test_get_on_date_field(self):
data = {'field_name': 'date'}
request = self.request_factory.get('/charts', data)
force_authenticate(request, user=self.user)
response = self.view(
request,
pk=self.xform.id)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['field_type'], 'date')
self.assertEqual(response.data['field_name'], 'date')
self.assertEqual(response.data['data_type'], 'time_based')
def test_get_on_numeric_field(self):
data = {'field_name': 'age'}
request = self.request_factory.get('/charts', data)
force_authenticate(request, user=self.user)
response = self.view(
request,
pk=self.xform.id
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['field_type'], 'integer')
self.assertEqual(response.data['field_name'], 'age')
self.assertEqual(response.data['data_type'], 'numeric')
class ContactListCreateAPIViewTests(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.book = factories.BookFactory.create()
self.user = UserFactory.create(username='******')
bookowner = factories.BookOwnerFactory.create(
book=self.book,
user=self.user,
)
def test_contact_list_view(self):
contact = factories.ContactFactory.create(book=self.book)
request = self.factory.get('/api/contacts/', format='json')
force_authenticate(request, user=self.user)
response = views.ContactListCreateAPIView.as_view()(request)
response.render()
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 1)
def test_contact_list_view_wrong_user_for_book(self):
contact = factories.ContactFactory.create(book=self.book)
request = self.factory.get('/api/contacts/', format='json')
user = UserFactory.create(username='******')
force_authenticate(request, user=user)
response = views.ContactListCreateAPIView.as_view()(request)
response.render()
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.data), 0)
def test_contact_create_view(self):
request = self.factory.post(
'/api/contacts/',
{'name': 'Philip', 'book': str(self.book.id)},
format='json',
)
force_authenticate(request, user=self.user)
response = views.ContactListCreateAPIView.as_view()(request)
response.render()
self.assertEqual(response.status_code, 201)
def test_contact_create_view_wrong_book_for_user(self):
request = self.factory.post(
'/api/contacts/',
{'name': 'Philip', 'book': str(self.book.id)},
format='json',
)
user = UserFactory.create(username='******')
force_authenticate(request, user=user)
response = views.ContactListCreateAPIView.as_view()(request)
response.render()
self.assertEqual(response.status_code, 401)
class APIViewTests(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
def test_document_view(self):
view = DocumentList.as_view()
request = self.factory.get(
'/documents/'
)
response = view(request)
self.assertEqual(response.status_code, 200)
def test_source_view(self):
view = DocumentList.as_view()
request = self.factory.get(
'/documents/dudley_weekly/'
)
response = view(request)
self.assertEqual(response.status_code, 200)
def test_individual_view(self):
view = DocumentList.as_view()
request = self.factory.get(
'/documents/dudley_weekly/dudley1'
)
response = view(request)
self.assertEqual(response.status_code, 200)
def test_status(self):
view = status
request = self.factory.get(
'/status'
)
response = view(request)
self.assertEqual(response.status_code, 200)
def test_institutions(self):
view = institutions
request = self.factory.post(
'/institutions/',
{'query': {"query": {"match": {"name": {"query": "University"}}}, "from": 0, "size": 10}},
format='json'
)
response = view(request)
self.assertEqual(response.status_code, 200)
def test_get_followed(self):
url = reverse("follows-list")
factory = APIRequestFactory()
author_a = Author.objects.create(username="******", password='******')
author_b = Author.objects.create(username="******", email="*****@*****.**", password='******')
self.client.force_authenticate(user=author_b)
Follows.objects.create(follower=author_b, followed=author_a).save()
request_a = factory.get('/author/', {'username': '******'})
follow= Follows.objects.get(follower=author_b, followed=author_a)
request = factory.get('/follow/', {'followed': author_a.id})
author_a_url= UserSerializer(author_a, context={'request': request_a}).data['url']
self.assertEqual(author_a_url, FollowSerializer(follow, context={'request': request}).data['followed'])
def setUp(self):
self.anonymous_user = AnonymousUserFactory()
self.user = UserFactory.create()
self.staff_user = UserFactory.create(is_staff=True)
factory = APIRequestFactory()
self.list_view = UserViewSet.as_view({'get': 'list'})
self.detail_view = UserViewSet.as_view({'get': 'retrieve'})
detail_url = reverse(self.url_route + '-detail', args=(self.user.id,))
list_url = reverse(self.url_route + '-list')
self.detail_request = factory.get(detail_url)
self.list_request = factory.get(list_url)
def test_encoding(self):
payment_method = PaymentMethodFactory.create()
factory = APIRequestFactory()
url = reverse('payment-method-detail',
kwargs={'payment_method_id': payment_method.pk,
'customer_pk': payment_method.customer.pk})
request = factory.get(url, format='json')
serializer = PaymentMethodSerializer(payment_method, context={
'request': request
})
expected_data = OrderedDict([
('url', 'http://testserver/customers/{}/payment_methods/{}/'.format(payment_method.customer.pk,
payment_method.pk)),
('transactions', None),
('customer', 'http://testserver/customers/{}/'.format(payment_method.customer.pk)),
('payment_processor', 'http://testserver/payment_processors/Manual/'),
('added_at', payment_method.added_at),
('verified_at', None),
('state', 'uninitialized')
])
json = JSONRenderer().render(serializer.data)
self.assertEqual(json, JSONRenderer().render(expected_data))
def test_VersatileImageFieldSerializer_output(self):
"""Ensures VersatileImageFieldSerializer serializes correctly"""
factory = APIRequestFactory()
request = factory.get('/admin/')
serializer = VersatileImageTestModelSerializer(
self.jpg,
context={'request': request}
)
self.assertEqual(
serializer.data.get('image'),
{
'test_crop': (
'http://testserver/media/__sized__/python-logo-crop'
'-c0-25__0-25-100x100.jpg'
),
'test_invert_crop': (
'http://testserver/media/__sized__/__filtered__/'
'python-logo__invert__-crop-c0-25__0-25-100x100.jpg'
),
'test_invert_thumb': (
'http://testserver/media/__sized__/__filtered__/'
'python-logo__invert__-thumbnail-100x100.jpg'
),
'test_invert': (
'http://testserver/media/__filtered__/'
'python-logo__invert__.jpg'
),
'test_thumb': (
'http://testserver/media/__sized__/python-logo-thumbnail'
'-100x100.jpg'
)
}
)
class DatatablesRendererTestCase(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
def test_render_no_data(self):
renderer = DatatablesRenderer()
content = renderer.render(None)
self.assertEquals(content, bytes())
def test_render_no_pagination1(self):
obj = [{'foo': 'bar'}]
renderer = DatatablesRenderer()
view = APIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=1'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 1,
'recordsFiltered': 1,
'data': [{
'foo': 'bar'
}],
'draw': 1
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render_no_pagination1_1(self):
obj = [{'foo': 'bar'}]
renderer = DatatablesRenderer()
view = APIView()
request = view.initialize_request(
self.factory.get('/api/foo.datatables?draw=1'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 1,
'recordsFiltered': 1,
'data': [{
'foo': 'bar'
}],
'draw': 1
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render_no_pagination2(self):
obj = {'results': [{'foo': 'bar'}, {'spam': 'eggs'}]}
renderer = DatatablesRenderer()
view = APIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=1'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 2,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}],
'draw': 1
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render_no_pagination3(self):
obj = {'results': [{'foo': 'bar'}, {'spam': 'eggs'}]}
renderer = DatatablesRenderer()
view = APIView()
view._datatables_total_count = 4
view._datatables_filtered_count = 2
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=1'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}],
'draw': 1
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render(self):
obj = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}]
}
renderer = DatatablesRenderer()
view = APIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=2'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}],
'draw': 2
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render_extra_json(self):
class TestAPIView(APIView):
def test_callback(self):
return "key", "value"
class Meta:
datatables_extra_json = ('test_callback', )
obj = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}]
}
renderer = DatatablesRenderer()
view = TestAPIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=2'))
content = renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
expected = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}],
'key': 'value',
'draw': 2
}
self.assertEquals(json.loads(content.decode('utf-8')), expected)
def test_render_extra_json_attr_missing(self):
class TestAPIView(APIView):
class Meta:
datatables_extra_json = ('test_callback', )
obj = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}]
}
renderer = DatatablesRenderer()
view = TestAPIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=2'))
try:
renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
self.assertEqual(True, False, "TypeError expected; did not occur.")
except TypeError as e:
self.assertEqual(
e.__str__(),
"extra_json_funcs: test_callback not a view method.")
def test_render_extra_json_attr_not_callable(self):
class TestAPIView(APIView):
test_callback = 'gotcha'
class Meta:
datatables_extra_json = ('test_callback', )
obj = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}]
}
renderer = DatatablesRenderer()
view = TestAPIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=2'))
try:
renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
self.assertEqual(True, False, "TypeError expected; did not occur.")
except TypeError as e:
self.assertEqual(e.__str__(),
"extra_json_funcs: test_callback not callable.")
def test_render_extra_json_clashes(self):
class TestAPIView(APIView):
def test_callback(self):
return "recordsTotal", "this could be bad"
class Meta:
datatables_extra_json = ('test_callback', )
obj = {
'recordsTotal': 4,
'recordsFiltered': 2,
'data': [{
'foo': 'bar'
}, {
'spam': 'eggs'
}]
}
renderer = DatatablesRenderer()
view = TestAPIView()
request = view.initialize_request(
self.factory.get('/api/foo/?format=datatables&draw=2'))
try:
renderer.render(obj, 'application/json', {
'request': request,
'view': view
})
self.assertEqual(True, False, "Value expected; did not occur.")
except ValueError as e:
self.assertEqual(e.__str__(), "Duplicate key found: recordsTotal")
def get_project(self, project, user):
factory = APIRequestFactory()
request = factory.get("/projects", format="json")
force_authenticate(request, user=user)
return ProjectViewSet.as_view({"get": "retrieve"})(request,
pk=project.id)
class SocietyTests(APITestCase):
def setUp(self):
self.valid_payload = {
'name': 'Team Comfam',
'description': 'Esusu society for staff of Team Confam',
'maximum_capacity': 10,
'periodic_amount': 100000,
'is_searchable': True,
}
self.user = get_test_user()
self.token = get_auth_token()
self.society_view = SocietyView.as_view()
self.society_url = path('society/', self.society_view)
self.search_society_view = SearchSocietiesView.as_view()
self.search_society_url = path('society/search/',
self.search_society_view)
self.society_contributions_view = SocietyContributions.as_view()
self.society_contributions_url = path('society/contributions/',
self.society_contributions_view,
name='society-contribution')
self.factory = APIRequestFactory()
def test_user_can_create_a_society(self):
"""
Ensure a new user can setup a new esusu society.
"""
self.assertEqual(self.user.is_society_admin, False)
request = self.factory.post(self.society_url,
data=self.valid_payload,
HTTP_AUTHORIZATION=f'Bearer {self.token}',
format='json')
force_authenticate(request, user=self.user)
response = self.society_view(request)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
society = Society.objects.filter(
name=self.valid_payload['name']).first()
self.assertIsNotNone(society)
self.assertEqual(society.admin, self.user)
self.user.refresh_from_db()
self.assertEqual(self.user.is_society_admin, True)
self.user.society = None
self.user.is_society_admin = False
self.user.save()
society.delete()
def test_user_cannot_create_multiple_societies(self):
society = create_fake_society()
creator = society.admin
self.assertEqual(creator.is_society_admin, True)
request = self.factory.post(
self.society_url,
data=self.valid_payload,
HTTP_AUTHORIZATION=f'Bearer {get_auth_token(creator)}',
format='json')
force_authenticate(request, user=creator)
response = self.society_view(request)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
def test_can_search_for_public_societies(self):
delete_all_societies()
create_fake_society(searchable=True)
searchable_society = Society.objects.filter(is_searchable=True).first()
creator = searchable_society.admin
request = self.factory.get(
self.search_society_url, {'name': searchable_society.name},
HTTP_AUTHORIZATION=f'Bearer {get_auth_token(creator)}')
force_authenticate(request, user=creator)
response = self.search_society_view(request)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data), 1)
def test_cannot_search_for_private_societies(self):
delete_all_societies()
create_fake_society(searchable=False)
unsearchable_society = Society.objects.filter(
is_searchable=False).first()
fake_user = get_fake_user()
request = self.factory.get(
self.search_society_url, {'name': unsearchable_society.name},
HTTP_AUTHORIZATION=f'Bearer {get_auth_token(fake_user)}')
force_authenticate(request, user=fake_user)
response = self.search_society_view(request)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data), 0)
def test_can_view_society_users_and_contribution(self):
society = create_fake_society()
user = add_user_to_society(society)
admin_user = society.admin
request = self.factory.get(
self.society_contributions_url, {'': ''},
HTTP_AUTHORIZATION=f'Bearer {get_auth_token(admin_user)}')
force_authenticate(request, user=admin_user)
response = self.society_contributions_view(request)
self.assertEqual(response.status_code, status.HTTP_200_OK)
user_request = self.factory.get(
self.society_contributions_url, {'': ''},
HTTP_AUTHORIZATION=f'Bearer {get_auth_token(user)}')
force_authenticate(user_request, user=user)
response = self.society_contributions_view(user_request)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
class GroupingContributionsSingleMediaApiViewTest(TestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.admin = UserF.create()
self.creator = UserF.create()
self.viewer = UserF.create()
self.project = ProjectF(add_admins=[self.admin],
add_contributors=[self.creator])
self.contribution = ObservationFactory.create(**{
'project': self.project,
'creator': self.creator
})
self.viewer = UserF.create()
self.grouping = GroupingFactory.create(add_viewers=[self.viewer],
**{'project': self.project})
RuleFactory.create(**{
'grouping': self.grouping,
'category': self.contribution.category
})
self.image_file = ImageFileFactory.create(**{
'contribution': self.contribution,
'creator': self.creator
})
def tearDown(self):
files = glob.glob(
os.path.join(settings.MEDIA_ROOT, 'user-uploads/images/*'))
for f in files:
os.remove(f)
def get(self, user):
url = reverse('api:grouping_single_media',
kwargs={
'project_id': self.project.id,
'grouping_id': self.grouping.id,
'contribution_id': self.contribution.id,
'file_id': self.image_file.id
})
request = self.factory.get(url)
force_authenticate(request, user)
view = GroupingContributionsSingleMediaApiView.as_view()
return view(request,
project_id=self.project.id,
grouping_id=self.grouping.id,
contribution_id=self.contribution.id,
file_id=self.image_file.id).render()
def delete(self, user):
url = reverse('api:grouping_single_media',
kwargs={
'project_id': self.project.id,
'grouping_id': self.grouping.id,
'contribution_id': self.contribution.id,
'file_id': self.image_file.id
})
request = self.factory.delete(url)
force_authenticate(request, user)
view = GroupingContributionsSingleMediaApiView.as_view()
return view(request,
project_id=self.project.id,
grouping_id=self.grouping.id,
contribution_id=self.contribution.id,
file_id=self.image_file.id).render()
def test_get_image_with_admin(self):
response = self.get(self.admin)
self.assertEqual(response.status_code, 200)
def test_get_image_with_contributor(self):
response = self.get(self.creator)
self.assertEqual(response.status_code, 404)
def test_get_image_with_viewer(self):
response = self.get(self.viewer)
self.assertEqual(response.status_code, 200)
def test_get_image_with_some_dude(self):
response = self.get(UserF.create())
self.assertEqual(response.status_code, 404)
def test_get_image_with_anonymous(self):
response = self.get(AnonymousUser())
self.assertEqual(response.status_code, 404)
def test_delete_image_with_admin(self):
response = self.delete(self.admin)
self.assertEqual(response.status_code, 204)
def test_delete_image_with_contributor(self):
response = self.delete(self.creator)
self.assertEqual(response.status_code, 404)
def test_delete_image_with_viewer(self):
response = self.delete(self.viewer)
self.assertEqual(response.status_code, 403)
def test_delete_image_with_some_dude(self):
response = self.delete(UserF.create())
self.assertEqual(response.status_code, 404)
def test_delete_image_with_anonymous(self):
response = self.delete(AnonymousUser())
self.assertEqual(response.status_code, 404)
class WebhookEndpointTest(TestCase, APIUtilUsers, APIUtilWebhook):
def setUp(self):
super(WebhookEndpointTest, self).setUp()
self.admin_user = self.create_user(
'mysite_user', password=settings.DJANGO_PYCOIN_ADMIN_PASS)
self.web_user = self.create_user('*****@*****.**')
self.other_user = self.create_user('*****@*****.**')
self.webhooks_web = self.create_webhook(self.web_user,
'transfer.webhook',
'http://localhost.com/')
self.factory = APIRequestFactory()
def test_list_web(self):
"""
Test that a web user can list his webhooks.
He should not have access to the webhooks of others in the db.
"""
view = HookViewSet.as_view({'get': 'list'})
request = self.factory.get('/api/webhooks/')
force_authenticate(request, user=self.web_user)
response = view(request)
self.assertIs(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 1)
self.assertEqual(response.data['webhooks'][0]['user'],
self.web_user.id)
force_authenticate(request, user=self.other_user)
response = view(request)
self.assertIs(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 0)
def test_retrieve_web(self):
"""
Test that a user can only retrieve his own.
"""
view = HookViewSet.as_view({'get': 'retrieve'})
url = '/api/webhooks/{0}/'.format(self.webhooks_web.data['id'])
request = self.factory.get(url)
force_authenticate(request, user=self.web_user)
response = view(request, pk=self.webhooks_web.data['id'])
self.assertIs(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['id'], self.webhooks_web.data['id'])
force_authenticate(request, user=self.other_user)
response = view(request, pk=self.webhooks_web.data['id'])
self.assertIs(response.status_code, status.HTTP_404_NOT_FOUND)
def test_create_web(self):
"""
Test creation of a webhook
"""
# not yet created during setup ('local' i.s.o. 'test')
view = HookViewSet.as_view({'post': 'create'})
request = self.factory.post('/api/webhooks/', {
'event': 'share.webhook',
'target': 'http://localhost.com'
})
force_authenticate(request, user=self.web_user)
response = view(request)
self.assertIs(response.status_code, status.HTTP_201_CREATED)
db_hook = Hook.objects.get(id=response.data['id'])
self.assertEqual(response.data['event'], db_hook.event)
self.assertEqual(response.data['target'], db_hook.target)
self.assertEqual(response.data['user'], db_hook.user_id)
def test_delete_web(self):
"""
Test deletion of a webhook
"""
# not yet created during setup ('local' i.s.o. 'test')
view = HookViewSet.as_view({'delete': 'destroy'})
url = '/api/webhooks/{0}/'.format(self.webhooks_web.data['id'])
request = self.factory.delete(url)
force_authenticate(request, user=self.web_user)
response = view(request, pk=self.webhooks_web.data['id'])
self.assertIs(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(Hook.objects.filter(user=self.web_user)), 0)
