class TestHookMigration(OsfTestCase):
def setUp(self):
super(TestHookMigration, self).setUp()
self.project = ProjectFactory()
self.project.creator.add_addon('github')
self.user_addon = self.project.creator.get_addon('github')
self.project.add_addon('github', None)
self.node_addon = self.project.get_addon('github')
self.node_addon.hook_id = 1
self.node_addon.user_settings = self.user_addon
self.node_addon.save()
@mock.patch('addons.github.utils.make_hook_secret')
@mock.patch('addons.github.api.GitHub.repo')
def test_update_hook(self, mock_repo, mock_make_secret):
mock_make_secret.return_value = 'shh'
update_hook(self.node_addon)
self.node_addon.reload()
assert_equal(self.node_addon.hook_secret, 'shh')
def test_get_targets(self):
AddonGitHubNodeSettings.remove()
addons = [
AddonGitHubNodeSettings(),
AddonGitHubNodeSettings(hook_id=1),
AddonGitHubNodeSettings(user_settings=self.user_addon),
AddonGitHubNodeSettings(hook_id=1, user_settings=self.user_addon),
]
for addon in addons:
addon.save()
targets = get_targets()
assert_equal(targets.count(), 1)
assert_equal(targets[0]._id, addons[-1]._id)
class TestUtils(OsfTestCase):
def setUp(self):
OsfTestCase.setUp(self)
self.project = ProjectFactory()
def test_prepare_file_name(self):
name, content, content_type, size = prepare_file(make_file_like(
name='file')
)
assert_equal(name, 'file')
def test_prepare_file_name_missing(self):
name, content, content_type, size = prepare_file(
make_file_like(name='ü')
)
assert_equal(name, settings.MISSING_FILE_NAME)
def test_get_current_file_version(self):
self.project.add_file(Auth(self.project.creator), 'foo', 'somecontent', 128, 'rst')
result = get_latest_version_number('foo', node=self.project)
assert_equal(result, 0)
# Update the file
self.project.add_file(Auth(self.project.creator), 'foo', 'newcontent', 128, 'rst')
result = get_latest_version_number('foo', node=self.project)
assert_equal(result, 1)
def test_get_current_file_raises_error_when_file_not_found(self):
with assert_raises(FileNotFoundError):
get_latest_version_number('notfound', node=self.project)
class TestDatasetMigration(OsfTestCase):
def setUp(self):
super(TestDatasetMigration, self).setUp()
self.project = ProjectFactory()
self.project.creator.add_addon('dataverse')
self.user_addon = self.project.creator.get_addon('dataverse')
self.project.add_addon('dataverse', None)
self.node_addon = self.project.get_addon('dataverse')
self.node_addon.study_hdl = 'doi:12.3456/DVN/00003'
self.node_addon.study = 'Example (DVN/00003)'
self.node_addon.user_settings = self.user_addon
self.node_addon.save()
def test_migration(self):
do_migration([self.node_addon], dry=False)
self.node_addon.reload()
assert_equal(self.node_addon.dataset_doi, 'doi:12.3456/DVN/00003')
assert_equal(self.node_addon.dataset, 'Example (DVN/00003)')
def test_get_targets(self):
AddonDataverseNodeSettings.remove()
addons = [
AddonDataverseNodeSettings(),
AddonDataverseNodeSettings(study_hdl='foo'),
AddonDataverseNodeSettings(user_settings=self.user_addon),
AddonDataverseNodeSettings(study_hdl='foo', user_settings=self.user_addon),
]
for addon in addons:
addon.save()
targets = get_targets()
assert_equal(targets.count(), 1)
assert_equal(targets[0]._id, addons[-1]._id)
def setUp(self):
super(TestMustBeContributorOrPublicButNotAnonymizedDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
admin = UserFactory()
self.public_project = ProjectFactory(is_public=True)
self.public_project.add_contributor(admin, auth=Auth(self.public_project.creator), permissions=['read', 'write', 'admin'])
self.private_project = ProjectFactory(is_public=False)
self.private_project.add_contributor(admin, auth=Auth(self.private_project.creator), permissions=['read', 'write', 'admin'])
self.public_project.add_contributor(self.contrib, auth=Auth(self.public_project.creator))
self.private_project.add_contributor(self.contrib, auth=Auth(self.private_project.creator))
self.public_project.save()
self.private_project.save()
self.anonymized_link_to_public_project = PrivateLinkFactory(anonymous=True)
self.anonymized_link_to_private_project = PrivateLinkFactory(anonymous=True)
self.anonymized_link_to_public_project.nodes.append(self.public_project)
self.anonymized_link_to_public_project.save()
self.anonymized_link_to_private_project.nodes.append(self.private_project)
self.anonymized_link_to_private_project.save()
self.flaskapp = Flask('Testing decorator')
@self.flaskapp.route('/project/<pid>/')
@must_be_contributor_or_public_but_not_anonymized
def project_get(**kwargs):
return 'success', 200
self.app = TestApp(self.flaskapp)
class TestViewsAuth(OsfTestCase):
def setUp(self):
super(TestViewsAuth, self).setUp()
self.user = AuthUserFactory()
self.consolidated_auth = Auth(user=self.user)
self.auth = ('test', self.user.api_keys[0]._primary_key)
self.project = ProjectFactory(creator=self.user)
self.non_authenticator = AuthUserFactory()
self.project.add_contributor(
contributor=self.non_authenticator,
auth=Auth(self.project.creator),
)
self.project.add_addon('figshare', auth=self.consolidated_auth)
self.project.creator.add_addon('figshare')
self.node_settings = self.project.get_addon('figshare')
self.user_settings = self.project.creator.get_addon('figshare')
self.node_settings.user_settings = self.user_settings
self.node_settings.figshare_id = '436'
self.node_settings.figshare_type = 'project'
self.node_settings.save()
@unittest.skip('finish this')
def test_oauth_fail(self):
url = '/api/v1/project/{0}/figshare/oauth/'.format(self.project._id)
self.app.get(url, auth=self.user.auth)
@unittest.skip('finish this')
def test_oauth_bad_token(self):
pass
def test_sees_projects_in_her_dashboard(self):
# the user already has a project
project = ProjectFactory(creator=self.user)
project.add_contributor(self.user)
project.save()
res = self.app.get('/myprojects/', auth=self.user.auth)
assert_in('Projects', res) # Projects heading
class TestGoogleDriveHgridViews(OsfTestCase):
def setUp(self):
super(TestGoogleDriveHgridViews, self).setUp()
self.user = AuthUserFactory()
self.user.add_addon('googledrive')
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('googledrive', Auth(self.user))
self.node_settings = self.project.get_addon('googledrive')
self.user_settings = self.user.get_addon('googledrive')
self.node_settings.user_settings = self.user_settings
self.user_settings.save()
self.node_settings.save()
# Log user in
self.app.authenticate(*self.user.auth)
@mock.patch('website.addons.googledrive.views.hgrid.GoogleDriveClient.folders')
def test_googledrive_folders(self, mock_drive_client_folders):
folderId = '12345'
mock_drive_client_folders.return_value = mock_folders['items']
url = api_url_for('googledrive_folders', pid=self.project._primary_key, folderId=folderId)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json), len(mock_folders['items']))
@mock.patch('website.addons.googledrive.views.hgrid.GoogleDriveClient.about')
def test_googledrive_folders_returns_only_root(self, mock_about):
mock_about.return_value = {'rootFolderId': '24601'}
url = self.project.api_url_for('googledrive_folders')
res = self.app.get(url, auth=self.user.auth)
assert_equal(len(res.json), 1)
assert_equal(res.status_code, 200)
assert_equal(res.json[0]['id'], '24601')
def setUp(self):
super(TestNodeTags, self).setUp()
self.user = AuthUserFactory()
self.admin = AuthUserFactory()
self.user_two = AuthUserFactory()
self.read_only_contributor = AuthUserFactory()
self.public_project = ProjectFactory(title="Project One", is_public=True, creator=self.user)
self.public_project.add_contributor(self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True)
self.private_project = ProjectFactory(title="Project Two", is_public=False, creator=self.user)
self.private_project.add_contributor(self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True)
self.private_project.add_contributor(self.admin, permissions=permissions.CREATOR_PERMISSIONS, save=True)
self.public_url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
self.private_url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
self.one_new_tag_json = {
'data': {
'id': self.public_project._id,
'type': 'nodes',
'attributes': {
'tags': ['new-tag']
}
}
}
self.private_payload = {
'data': {
'id': self.private_project._id,
'type': 'nodes',
'attributes': {
'tags': ['new-tag']
}
}
}
class TestSearchExceptions(OsfTestCase):
"""
Verify that the correct exception is thrown when the connection is lost
"""
@classmethod
def setUpClass(cls):
logging.getLogger('website.project.model').setLevel(logging.CRITICAL)
super(TestSearchExceptions, cls).setUpClass()
if settings.SEARCH_ENGINE == 'elastic':
cls._es = search.search_engine.es
search.search_engine.es = None
@classmethod
def tearDownClass(cls):
super(TestSearchExceptions, cls).tearDownClass()
if settings.SEARCH_ENGINE == 'elastic':
search.search_engine.es = cls._es
def test_connection_error(self):
# Ensures that saving projects/users doesn't break as a result of connection errors
self.user = UserFactory(usename='Doug Bogie')
self.project = ProjectFactory(
title="Tom Sawyer",
creator=self.user,
is_public=True,
)
self.user.save()
self.project.save()
def test_populate_new_and_noteworthy(self):
self.popular_links_node = ProjectFactory(creator=self.user)
self.popular_links_node._id = POPULAR_LINKS_NODE
self.popular_links_node.save()
self.new_and_noteworthy_links_node = ProjectFactory()
self.new_and_noteworthy_links_node._id = NEW_AND_NOTEWORTHY_LINKS_NODE
self.new_and_noteworthy_links_node.save()
popular_nodes = [self.pop1, self.pop2, self.pop3, self.pop4, self.pop5]
for node in popular_nodes:
self.popular_links_node.add_pointer(node, auth=Auth(self.user), save=True)
assert_equal(len(self.popular_links_node.nodes), 5)
assert_equal(len(self.new_and_noteworthy_links_node.nodes), 0)
script.main(dry_run=False)
self.popular_links_node.reload()
self.new_and_noteworthy_links_node.reload()
assert_equal(len(self.popular_links_node.nodes), 0) # verifies remove pointer is working
assert_equal(len(self.new_and_noteworthy_links_node.nodes), 5)
script.main(dry_run=False)
self.popular_links_node.reload()
self.new_and_noteworthy_links_node.reload()
popular_node_links = [pointer.node._id for pointer in self.popular_links_node.nodes]
assert_equal(popular_node_links, [])
new_and_noteworthy_node_links = {pointer.node._id for pointer in self.new_and_noteworthy_links_node.nodes}
assert_equal(set(new_and_noteworthy_node_links), {self.nn1._id, self.nn2._id, self.nn3._id, self.nn4._id, self.nn5._id})
def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue):
public_project = ProjectFactory(creator=self.user, is_public=True)
component = NodeFactory(creator=self.user, parent=public_project, title="Component", is_public=True)
subproject = ProjectFactory(creator=self.user, parent=public_project, title="Subproject", is_public=True)
subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent", is_public=True)
res = self.app.post(
public_project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_embargo_payload,
content_type="application/json",
auth=self.user.auth,
)
public_project.reload()
assert_equal(res.status_code, 201)
# Last node directly registered from self.project
registration = Node.load(public_project.node__registrations[-1])
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
class TestCheckAuth(OsfTestCase):
def setUp(self):
super(TestCheckAuth, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
def test_has_permission(self):
res = views.check_access(self.node, self.user, 'upload')
assert_true(res)
def test_not_has_permission_read_public(self):
self.node.is_public = True
self.node.save()
res = views.check_access(self.node, None, 'download')
def test_not_has_permission_read_has_link(self):
link = new_private_link('red-special', self.user, [self.node], anonymous=False)
res = views.check_access(self.node, None, 'download', key=link.key)
def test_not_has_permission_logged_in(self):
user2 = AuthUserFactory()
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, user2, 'download')
assert_equal(exc_info.exception.code, 403)
def test_not_has_permission_not_logged_in(self):
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, None, 'download')
assert_equal(exc_info.exception.code, 401)
def setUp(self):
super(TestNodeTags, self).setUp()
self.user = AuthUserFactory()
self.admin = AuthUserFactory()
self.user_two = AuthUserFactory()
self.read_only_contributor = AuthUserFactory()
self.public_project = ProjectFactory(title="Project One", is_public=True, creator=self.user)
self.public_project.add_contributor(
self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True
)
self.private_project = ProjectFactory(title="Project Two", is_public=False, creator=self.user)
self.private_project.add_contributor(
self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True
)
self.private_project.add_contributor(self.admin, permissions=permissions.CREATOR_PERMISSIONS, save=True)
self.public_url = "/{}nodes/{}/".format(API_BASE, self.public_project._id)
self.private_url = "/{}nodes/{}/".format(API_BASE, self.private_project._id)
self.one_new_tag_json = {
"data": {"id": self.public_project._id, "type": "nodes", "attributes": {"tags": ["new-tag"]}}
}
self.private_payload = {
"data": {"id": self.private_project._id, "type": "nodes", "attributes": {"tags": ["new-tag"]}}
}
class TestUserGet(AdminTestCase):
def setUp(self):
super(TestUserGet, self).setUp()
User.remove()
self.user_1 = AuthUserFactory()
self.auth = Auth(user=self.user_1)
self.project = ProjectFactory(creator=self.user_1)
self.project.add_unregistered_contributor(
email='*****@*****.**',
fullname='Weezy F. Baby',
auth=self.auth
)
self.user_3 = AuthUserFactory()
self.user_3.date_confirmed = None
self.user_3.save()
self.user_4 = AuthUserFactory()
def test_get_all_user_count(self):
time_now = datetime.utcnow()
count = get_all_user_count(time_now)
nt.assert_equal(count, 4)
def test_get_unregistered_users(self):
count = get_unregistered_users()
nt.assert_equal(count, 1)
def test_project_dashboard_shows_no_wiki_content_text(self):
# Regression test for:
# https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104
project = ProjectFactory(creator=self.user)
url = project.web_url_for('view_project')
res = self.app.get(url, auth=self.user.auth)
assert_in('No wiki content', res)
class TestNodeSettings(OsfTestCase):
def setUp(self):
super(TestNodeSettings, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('figshare', auth=Auth(self.user))
self.project.creator.add_addon('figshare')
self.node_settings = self.project.get_addon('figshare')
self.user_settings = self.project.creator.get_addon('figshare')
self.user_settings.oauth_access_token = 'legittoken'
self.user_settings.oauth_access_token_secret = 'legittoken'
self.user_settings.save()
self.node_settings.user_settings = self.user_settings
self.node_settings.figshare_id = '123456'
self.node_settings.figshare_type = 'project'
self.node_settings.figshare_title = 'singlefile'
self.node_settings.save()
def test_complete_true(self):
assert_true(self.node_settings.has_auth)
assert_true(self.node_settings.complete)
def test_complete_false(self):
self.node_settings.figshare_id = None
assert_true(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test_complete_auth_false(self):
self.node_settings.user_settings = None
assert_false(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(project.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
embargo = project._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def test_has_permission_on_parent_node_copyto_fail_if_not_registration(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin, parent=self.node)
assert_false(component.has_permission(self.user, 'write'))
with assert_raises(HTTPError):
views.check_access(component, Auth(user=self.user), 'copyto', None)
def test_has_permission_on_parent_node_copyfrom(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin, is_public=False, parent=self.node)
assert_false(component.has_permission(self.user, 'write'))
res = views.check_access(component, Auth(user=self.user), 'copyfrom', None)
assert_true(res)
def setUp(self):
super(LogsTestCase, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.action_set = NodeLog.actions
self.node = ProjectFactory(is_public=False)
self.node.add_contributor(self.user, permissions=[osf_permissions.READ], auth=Auth(self.node.creator), log=True, save=True)
self.log = self.node.logs[0]
self.log_add_contributor = self.node.logs[1]
self.public_node = ProjectFactory(is_public=True)
self.public_node.add_contributor(self.user, permissions=[osf_permissions.READ], auth=Auth(self.node.creator), log=True, save=True)
self.public_log = self.public_node.logs[0]
self.public_log_add_contributor = self.public_node.logs[1]
self.node_log_url = '/{}nodes/{}/logs/'.format(API_BASE, self.node._id)
self.url = '/{}logs/'.format(API_BASE)
self.log_nodes_url = self.url + '{}/nodes/'.format(self.log._id)
self.private_log_detail = self.url + '{}/'.format(self.log._id)
self.log_public_nodes_url = self.url + '{}/nodes/'.format(self.public_log._id)
self.public_log_detail = self.url + '{}/'.format(self.public_log._id)
class TestNodeSettings(OsfTestCase):
def setUp(self):
super(TestNodeSettings, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.user.add_addon('s3')
self.project.add_addon('s3', auth=Auth(self.user))
self.user_settings = self.user.get_addon('s3')
self.node_settings = self.project.get_addon('s3')
self.user_settings.access_key = 'We-Will-Rock-You'
self.user_settings.secret_key = 'Idontknowanyqueensongs'
self.user_settings.save()
self.node_settings.bucket = 'Sheer-Heart-Attack'
self.node_settings.user_settings = self.user_settings
self.node_settings.save()
def test_complete_true(self):
assert_true(self.node_settings.has_auth)
assert_true(self.node_settings.complete)
def test_complete_false(self):
self.node_settings.bucket = None
assert_true(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test_complete_auth_false(self):
self.node_settings.user_settings = None
assert_false(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test_cant_see_make_private_button_if_not_admin(self):
# User is a contributor on a project
project = ProjectFactory(is_public=True)
project.add_contributor(self.user, permissions=["read", "write"], save=True)
# User goes to the project page
res = self.app.get(project.url, auth=self.auth).maybe_follow()
assert_not_in("Make Private", res)
def setUp(self):
self.user = UserFactory()
self.public_node = ProjectFactory(creator=self.user, is_public=True)
self.public_node = ProjectFactory(creator=self.user, is_public=False)
self.request = RequestFactory().post('/fake_path')
self.view = SpamUserDeleteView()
self.view = setup_log_view(self.view, self.request, guid=self.user._id)
def test_migration(self):
BoxUserSettings.remove()
user = UserFactory()
node = ProjectFactory(creator=user)
account = BoxAccountFactory()
user.external_accounts = [account]
user.add_addon('box', auth=Auth(user))
user_addon = user.get_addon('box')
user_addon.save()
node.add_addon('box', auth=Auth(user))
node_addon = node.get_addon('box')
node_addon.foreign_user_settings = user_addon
node_addon.folder_id = 'abcdef0'
node_addon.folder_path = '/'
node_addon.folder_name = '/ (Full Box)'
node_addon.save()
assert_equal(node_addon.external_account, None)
assert_equal(node_addon.folder_id, 'abcdef0')
do_migration()
node_addon.reload()
assert_equal(node_addon.external_account, account)
assert_equal(node_addon.folder_id, 'abcdef0')
assert_equal(node_addon.folder_path, '/')
assert_equal(node_addon.folder_name, '/ (Full Box)')
class TestDisableSpamUser(AdminTestCase):
def setUp(self):
self.user = UserFactory()
self.public_node = ProjectFactory(creator=self.user, is_public=True)
self.public_node = ProjectFactory(creator=self.user, is_public=False)
self.request = RequestFactory().post('/fake_path')
self.view = SpamUserDeleteView()
self.view = setup_log_view(self.view, self.request, guid=self.user._id)
def test_get_object(self):
obj = self.view.get_object()
nt.assert_is_instance(obj, User)
def test_get_context(self):
res = self.view.get_context_data(object=self.user)
nt.assert_in('guid', res)
nt.assert_equal(res.get('guid'), self.user._id)
def test_disable_spam_user(self):
settings.ENABLE_EMAIL_SUBSCRIPTIONS = False
count = OSFLogEntry.objects.count()
self.view.delete(self.request)
self.user.reload()
self.public_node.reload()
nt.assert_true(self.user.is_disabled)
nt.assert_false(self.public_node.is_public)
nt.assert_equal(OSFLogEntry.objects.count(), count + 3)
def test_no_user(self):
view = setup_view(UserDeleteView(), self.request, guid='meh')
with nt.assert_raises(Http404):
view.delete(self.request)
class TestCreateBucket(OsfTestCase):
def setUp(self):
super(TestCreateBucket, self).setUp()
self.user = AuthUserFactory()
self.consolidated_auth = Auth(user=self.user)
self.auth = ('test', self.user.api_keys[0]._primary_key)
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('s3', auth=self.consolidated_auth)
self.project.creator.add_addon('s3')
self.user_settings = self.user.get_addon('s3')
self.user_settings.access_key = 'We-Will-Rock-You'
self.user_settings.secret_key = 'Idontknowanyqueensongs'
self.user_settings.save()
self.node_settings = self.project.get_addon('s3')
self.node_settings.bucket = 'Sheer-Heart-Attack'
self.node_settings.user_settings = self.project.creator.get_addon('s3')
self.node_settings.save()
def test_bad_names(self):
assert_false(validate_bucket_name('bogus naMe'))
assert_false(validate_bucket_name(''))
assert_false(validate_bucket_name('no'))
assert_false(validate_bucket_name('.cantstartwithp'))
assert_false(validate_bucket_name('or.endwith.'))
assert_false(validate_bucket_name('..nodoubles'))
assert_false(validate_bucket_name('no_unders_in'))
def test_names(self):
assert_true(validate_bucket_name('imagoodname'))
assert_true(validate_bucket_name('still.passing'))
assert_true(validate_bucket_name('can-have-dashes'))
assert_true(validate_bucket_name('kinda.name.spaced'))
@mock.patch('website.addons.s3.views.crud.create_bucket')
@mock.patch('website.addons.s3.utils.get_bucket_drop_down')
def test_create_bucket_pass(self, mock_make, mock_dropdown):
mock_make.return_value = True
mock_dropdown.return_value = ['mybucket']
url = self.project.api_url_for('create_new_bucket')
ret = self.app.post_json(url, {'bucket_name': 'doesntevenmatter'}, auth=self.user.auth)
assert_equals(ret.status_int, http.OK)
@mock.patch('website.addons.s3.views.crud.create_bucket')
def test_create_bucket_fail(self, mock_make):
error = S3ResponseError(418, 'because Im a test')
error.message = 'This should work'
mock_make.side_effect = error
url = "/api/v1/project/{0}/s3/newbucket/".format(self.project._id)
ret = self.app.post_json(url, {'bucket_name': 'doesntevenmatter'}, auth=self.user.auth, expect_errors=True)
assert_equals(ret.body, '{"message": "This should work", "title": "Problem connecting to S3"}')
class TestNodeDeleteView(AdminTestCase):
def setUp(self):
super(TestNodeDeleteView, self).setUp()
self.node = ProjectFactory()
self.request = RequestFactory().post('/fake_path')
self.view = NodeDeleteView()
self.view = setup_log_view(self.view, self.request,
guid=self.node._id)
def test_get_object(self):
obj = self.view.get_object()
nt.assert_is_instance(obj, Node)
def test_get_context(self):
res = self.view.get_context_data(object=self.node)
nt.assert_in('guid', res)
nt.assert_equal(res.get('guid'), self.node._id)
def test_remove_node(self):
count = OSFLogEntry.objects.count()
self.view.delete(self.request)
self.node.reload()
nt.assert_true(self.node.is_deleted)
nt.assert_equal(OSFLogEntry.objects.count(), count + 1)
def test_restore_node(self):
self.view.delete(self.request)
nt.assert_true(self.node.is_deleted)
count = OSFLogEntry.objects.count()
self.view.delete(self.request)
self.node.reload()
nt.assert_false(self.node.is_deleted)
nt.assert_equal(OSFLogEntry.objects.count(), count + 1)
def setUp(self):
super(TestNodeLicense, self).setUp()
self.user = AuthUserFactory()
self.admin = AuthUserFactory()
self.user_two = AuthUserFactory()
self.read_only_contributor = AuthUserFactory()
self.public_project = ProjectFactory(title="Project One", is_public=True, creator=self.user)
self.public_project.add_contributor(self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True)
self.private_project = ProjectFactory(title="Project Two", is_public=False, creator=self.user)
self.private_project.add_contributor(self.user, permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, save=True)
self.private_project.add_contributor(self.admin, permissions=permissions.CREATOR_PERMISSIONS, save=True)
self.public_url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
self.private_url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
ensure_licenses()
self.LICENSE_NAME = 'MIT License'
self.node_license = NodeLicense.find_one(
Q('name', 'eq', self.LICENSE_NAME)
)
self.YEAR = '2105'
self.COPYRIGHT_HOLDERS = ['Foo', 'Bar']
self.public_project.node_license = NodeLicenseRecordFactory(
node_license=self.node_license,
year=self.YEAR,
copyright_holders=self.COPYRIGHT_HOLDERS
)
self.public_project.save()
self.private_project.node_license = NodeLicenseRecordFactory(
node_license=self.node_license,
year=self.YEAR,
copyright_holders=self.COPYRIGHT_HOLDERS
)
self.private_project.save()
def setUp(self):
super(TestRegistrationFiltering, self).setUp()
self.user_one = AuthUserFactory()
self.user_two = AuthUserFactory()
self.project_one = ProjectFactory(title="Project One", description='Two', is_public=True, creator=self.user_one, category='hypothesis')
self.project_two = ProjectFactory(title="Project Two", description="One Three", is_public=True, creator=self.user_one)
self.project_three = ProjectFactory(title="Three", is_public=True, creator=self.user_two)
self.private_project_user_one = ProjectFactory(title="Private Project User One",
is_public=False,
creator=self.user_one)
self.private_project_user_two = ProjectFactory(title="Private Project User Two",
is_public=False,
creator=self.user_two)
self.project_one.add_tag('tag1', Auth(self.project_one.creator), save=False)
self.project_one.add_tag('tag2', Auth(self.project_one.creator), save=False)
self.project_one.save()
self.project_two.add_tag('tag1', Auth(self.project_two.creator), save=True)
self.project_two.save()
self.project_one_reg = RegistrationFactory(creator=self.user_one, project=self.project_one, is_public=True)
self.project_two_reg = RegistrationFactory(creator=self.user_one, project=self.project_two, is_public=True)
self.project_three_reg = RegistrationFactory(creator=self.user_two, project=self.project_three, is_public=True)
self.private_project_user_one_reg = RegistrationFactory(creator=self.user_one, project=self.private_project_user_one, is_public=False)
self.private_project_user_two_reg = RegistrationFactory(creator=self.user_two, project=self.private_project_user_two, is_public=False)
self.folder = FolderFactory()
self.dashboard = DashboardFactory()
self.url = "/{}registrations/".format(API_BASE)
class TestClaimingAsARegisteredUser(OsfTestCase):
def setUp(self):
super(TestClaimingAsARegisteredUser, self).setUp()
self.referrer = AuthUserFactory()
self.project = ProjectFactory(creator=self.referrer, is_public=True)
name, email = fake.name(), fake.email()
self.user = self.project.add_unregistered_contributor(fullname=name, email=email, auth=Auth(user=self.referrer))
self.project.save()
def test_claim_user_registered_with_correct_password(self):
reg_user = AuthUserFactory() # NOTE: AuthUserFactory sets password as 'password'
url = self.user.get_claim_url(self.project._primary_key)
# Follow to password re-enter page
res = self.app.get(url, auth=reg_user.auth).follow(auth=reg_user.auth)
# verify that the "Claim Account" form is returned
assert_in("Claim Contributor", res.body)
form = res.forms["claimContributorForm"]
form["password"] = "******"
res = form.submit(auth=reg_user.auth).follow(auth=reg_user.auth)
self.project.reload()
self.user.reload()
# user is now a contributor to the project
assert_in(reg_user._primary_key, self.project.contributors)
# the unregistered user (self.user) is removed as a contributor, and their
assert_not_in(self.user._primary_key, self.project.contributors)
# unclaimed record for the project has been deleted
assert_not_in(self.project._primary_key, self.user.unclaimed_records)
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(
self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.append(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems() if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = len(self.node.logs)
self.app.put_json(url,
payload,
headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(len(self.node.logs), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, "perform not called")
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = len(self.node.logs)
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path},
auth={'id': None})
nlogs = len(self.node.logs)
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = len(node.logs)
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(node.logs), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = len(self.node.logs)
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {
'_id': self.node._id
},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {
'_id': self.node._id
},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(url,
payload,
headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(
self.node.logs[-1].action,
'github_addon_file_renamed',
)
def test_get_or_create_node_exists(self):
node = ProjectFactory()
fetched, created = utils.get_or_create_node(node.title, node.creator)
assert_false(created)
assert_equal(node._id, fetched._id)
class TestRegistrationFiltering(ApiTestCase):
def setUp(self):
super(TestRegistrationFiltering, self).setUp()
self.user_one = AuthUserFactory()
self.user_two = AuthUserFactory()
self.project_one = ProjectFactory(title="Project One",
description='Two',
is_public=True,
creator=self.user_one,
category='hypothesis')
self.project_two = ProjectFactory(title="Project Two",
description="One Three",
is_public=True,
creator=self.user_one)
self.project_three = ProjectFactory(title="Three",
is_public=True,
creator=self.user_two)
self.private_project_user_one = ProjectFactory(
title="Private Project User One",
is_public=False,
creator=self.user_one)
self.private_project_user_two = ProjectFactory(
title="Private Project User Two",
is_public=False,
creator=self.user_two)
self.project_one.add_tag('tag1',
Auth(self.project_one.creator),
save=False)
self.project_one.add_tag('tag2',
Auth(self.project_one.creator),
save=False)
self.project_one.save()
self.project_two.add_tag('tag1',
Auth(self.project_two.creator),
save=True)
self.project_two.save()
self.project_one_reg = RegistrationFactory(creator=self.user_one,
project=self.project_one,
is_public=True)
self.project_two_reg = RegistrationFactory(creator=self.user_one,
project=self.project_two,
is_public=True)
self.project_three_reg = RegistrationFactory(
creator=self.user_two, project=self.project_three, is_public=True)
self.private_project_user_one_reg = RegistrationFactory(
creator=self.user_one,
project=self.private_project_user_one,
is_public=False)
self.private_project_user_two_reg = RegistrationFactory(
creator=self.user_two,
project=self.private_project_user_two,
is_public=False)
self.folder = CollectionFactory()
self.bookmark_collection = BookmarkCollectionFactory()
self.url = "/{}registrations/".format(API_BASE)
def tearDown(self):
super(TestRegistrationFiltering, self).tearDown()
Node.remove()
def test_filtering_by_category(self):
url = '/{}registrations/?filter[category]=hypothesis'.format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
registration_json = res.json['data']
ids = [each['id'] for each in registration_json]
assert_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
def test_filtering_by_public(self):
url = '/{}registrations/?filter[public]=false'.format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
# No public projects returned
assert_false(any([each['attributes']['public'] for each in reg_json]))
ids = [each['id'] for each in reg_json]
assert_not_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
url = '/{}registrations/?filter[public]=true'.format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
# No private projects returned
assert_true(all([each['attributes']['public'] for each in reg_json]))
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
def test_filtering_tags(self):
# both project_one and project_two have tag1
url = '/{}registrations/?filter[tags]={}'.format(API_BASE, 'tag1')
res = self.app.get(url, auth=self.project_one.creator.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
# filtering two tags
# project_one has both tags; project_two only has one
url = '/{}registrations/?filter[tags]={}&filter[tags]={}'.format(
API_BASE, 'tag1', 'tag2')
res = self.app.get(url, auth=self.project_one.creator.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
def test_get_all_registrations_with_no_filter_logged_in(self):
res = self.app.get(self.url, auth=self.user_one.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_in(self.project_three_reg._id, ids)
assert_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.project_one._id, ids)
assert_not_in(self.project_two._id, ids)
assert_not_in(self.project_three._id, ids)
assert_not_in(self.private_project_user_one._id, ids)
assert_not_in(self.private_project_user_two._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_all_registrations_with_no_filter_not_logged_in(self):
res = self.app.get(self.url)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.project_one._id, ids)
assert_not_in(self.project_two._id, ids)
assert_not_in(self.project_three._id, ids)
assert_not_in(self.private_project_user_one._id, ids)
assert_not_in(self.private_project_user_two._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_one_registration_with_exact_filter_logged_in(self):
url = "/{}registrations/?filter[title]=Project%20One".format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_one_registration_with_exact_filter_not_logged_in(self):
url = "/{}registrations/?filter[title]=Private%20Project%20User%20One".format(
API_BASE)
res = self.app.get(url)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_not_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_some_registrations_with_substring_logged_in(self):
url = "/{}registrations/?filter[title]=Two".format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_not_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_some_registrations_with_substring_not_logged_in(self):
url = "/{}registrations/?filter[title]=One".format(API_BASE)
res = self.app.get(url)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_only_public_or_my_registrations_with_filter_logged_in(self):
url = "/{}registrations/?filter[title]=Project".format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_get_only_public_registrations_with_filter_not_logged_in(self):
url = "/{}registrations/?filter[title]=Project".format(API_BASE)
res = self.app.get(url)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_alternate_filtering_field_logged_in(self):
url = "/{}registrations/?filter[description]=Three".format(API_BASE)
res = self.app.get(url, auth=self.user_one.auth)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_not_in(self.project_one_reg._id, ids)
assert_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_alternate_filtering_field_not_logged_in(self):
url = "/{}registrations/?filter[description]=Two".format(API_BASE)
res = self.app.get(url)
reg_json = res.json['data']
ids = [each['id'] for each in reg_json]
assert_in(self.project_one_reg._id, ids)
assert_not_in(self.project_two_reg._id, ids)
assert_not_in(self.project_three_reg._id, ids)
assert_not_in(self.private_project_user_one_reg._id, ids)
assert_not_in(self.private_project_user_two_reg._id, ids)
assert_not_in(self.folder._id, ids)
assert_not_in(self.bookmark_collection._id, ids)
def test_incorrect_filtering_field_not_logged_in(self):
url = '/{}registrations/?filter[notafield]=bogus'.format(API_BASE)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 400)
errors = res.json['errors']
assert_equal(len(errors), 1)
assert_equal(errors[0]['detail'],
"'notafield' is not a valid field for this endpoint.")
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(
self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'),
settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.append(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
def build_url(self, **kwargs):
options = {
'payload':
jwe.encrypt(
jwt.encode(
{
'data':
dict(
dict(
action='download',
nid=self.node._id,
provider=self.node_addon.config.short_name,
), **kwargs),
'exp':
datetime.datetime.utcnow() + datetime.timedelta(
seconds=settings.WATERBUTLER_JWT_EXPIRATION),
},
settings.WATERBUTLER_JWT_SECRET,
algorithm=settings.WATERBUTLER_JWT_ALGORITHM),
self.JWE_KEY)
}
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.app.get(url, auth=self.user.auth)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'),
self.JWE_KEY),
settings.WATERBUTLER_JWT_SECRET,
algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'],
self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'],
self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(
self.node.api_url_for('create_waterbutler_log', _absolute=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 200)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'),
self.JWE_KEY),
settings.WATERBUTLER_JWT_SECRET,
algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'],
self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'],
self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(
self.node.api_url_for('create_waterbutler_log', _absolute=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.app.get(url, expect_errors=True, auth=self.user.auth)
assert_equal(res.status_code, 400)
@mock.patch('website.addons.base.views.cas.get_client')
def test_auth_bad_bearer_token(self, mock_cas_client):
mock_cas_client.return_value = mock.Mock(profile=mock.Mock(
return_value=cas.CasResponse(authenticated=False)))
url = self.build_url()
res = self.app.get(
url,
headers={'Authorization': 'Bearer invalid_access_token'},
expect_errors=True)
assert_equal(res.status_code, 403)
class TestAddonFileViews(OsfTestCase):
@classmethod
def setUpClass(cls):
super(TestAddonFileViews, cls).setUpClass()
PROVIDER_MAP['github'] = [TestFolder, TestFile, TestFileNode]
TestFileNode.provider = 'github'
def setUp(self):
super(TestAddonFileViews, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.project.add_addon('github', auth=Auth(self.user))
self.user_addon = self.user.get_addon('github')
self.node_addon = self.project.get_addon('github')
self.oauth = GitHubAccountFactory()
self.oauth.save()
self.user.external_accounts.append(self.oauth)
self.user.save()
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth
self.node_addon.repo = 'Truth'
self.node_addon.user = '******'
self.node_addon.save()
@classmethod
def tearDownClass(cls):
super(TestAddonFileViews, cls).tearDownClass()
PROVIDER_MAP['github'] = [
models.GithubFolder, models.GithubFile, models.GithubFileNode
]
del PROVIDER_MAP['test_addons']
TrashedFileNode.remove()
def get_test_file(self):
version = models.FileVersion(identifier='1')
version.save()
versions = [version]
ret = TestFile(name='Test',
node=self.project,
path='/test/Test',
materialized_path='/test/Test',
versions=versions)
ret.save()
return ret
def get_second_test_file(self):
version = models.FileVersion(identifier='1')
version.save()
ret = TestFile(name='Test2',
node=self.project,
path='/test/Test2',
materialized_path='/test/Test2',
versions=[version])
ret.save()
return ret
def get_mako_return(self):
ret = serialize_node(self.project, Auth(self.user), primary=True)
ret.update({
'error': '',
'provider': '',
'file_path': '',
'sharejs_uuid': '',
'private': '',
'urls': {
'files': '',
'render': '',
'sharejs': '',
'mfr': '',
'gravatar': '',
'external': '',
'archived_from': '',
},
'size': '',
'extra': '',
'file_name': '',
'materialized_path': '',
'file_id': '',
})
ret.update(rubeus.collect_addon_assets(self.project))
return ret
def test_redirects_to_guid(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github'),
auth=self.user.auth)
assert_equals(resp.status_code, 302)
assert_equals(resp.location,
'http://*****:*****@mock.patch('website.addons.base.views.addon_view_file')
def test_action_view_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/?action=view'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
@mock.patch('website.addons.base.views.addon_view_file')
def test_no_action_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
def test_download_create_guid(self):
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
),
auth=self.user.auth)
assert_true(file_node.get_guid())
def test_view_file_does_not_delete_file_when_requesting_invalid_version(
self):
with mock.patch(
'website.addons.github.model.GitHubNodeSettings.is_private',
new_callable=mock.PropertyMock) as mock_is_private:
mock_is_private.return_value = False
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
url = self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
)
# First view generated GUID
self.app.get(url, auth=self.user.auth)
self.app.get(url + '?version=invalid',
auth=self.user.auth,
expect_errors=True)
assert_is_not_none(StoredFileNode.load(file_node._id))
assert_is_none(TrashedFileNode.load(file_node._id))
def test_unauthorized_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'),
auth=self.user.auth,
expect_errors=True)
assert_equals(resp.status_code, 401)
def test_nonstorage_addons_raise(self):
resp = self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path='sillywiki',
provider='wiki',
action='download'),
auth=self.user.auth,
expect_errors=True)
assert_equals(resp.status_code, 400)
def test_head_returns_url(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/'.format(guid._id), auth=self.user.auth)
location = furl.furl(resp.location)
assert_urls_equal(
location.url,
file_node.generate_waterbutler_url(direct=None, version=None))
def test_head_returns_url_with_version(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/?revision=1&foo=bar'.format(guid._id),
auth=self.user.auth)
location = furl.furl(resp.location)
# Note: version is added but us but all other url params are added as well
assert_urls_equal(
location.url,
file_node.generate_waterbutler_url(direct=None,
revision=1,
version=None,
foo='bar'))
def test_nonexistent_addons_raise(self):
path = 'cloudfiles'
self.project.delete_addon('github', Auth(self.user))
self.project.save()
resp = self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'),
auth=self.user.auth,
expect_errors=True)
assert_equals(resp.status_code, 400)
def test_unauth_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'),
auth=self.user.auth,
expect_errors=True)
assert_equals(resp.status_code, 401)
def test_delete_action_creates_trashed_file_node(self):
file_node = self.get_test_file()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/Test',
'materialized': '/test/Test'
}
}
views.addon_delete_file_node(self=None,
node=self.project,
user=self.user,
event_type='file_removed',
payload=payload)
assert_false(StoredFileNode.load(file_node._id))
assert_true(TrashedFileNode.load(file_node._id))
def test_delete_action_for_folder_deletes_subfolders_and_creates_trashed_file_nodes(
self):
file_node = self.get_test_file()
subfolder = TestFolder(name='folder',
node=self.project,
path='/test/folder/',
materialized_path='/test/folder/',
versions=[])
subfolder.save()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/',
'materialized': '/test/'
}
}
views.addon_delete_file_node(self=None,
node=self.project,
user=self.user,
event_type='file_removed',
payload=payload)
assert_false(StoredFileNode.load(file_node._id))
assert_true(TrashedFileNode.load(file_node._id))
assert_false(StoredFileNode.load(subfolder._id))
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(
registered_node, file_node)
view_url = self.project.web_url_for('addon_view_or_download_file',
provider=file_node.provider,
path=file_node.copied_from._id)
assert_true(archived_from_url)
assert_urls_equal(archived_from_url, view_url)
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url_without_copied_from(self, mock_archive):
file_node = self.get_test_file()
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(
registered_node, file_node)
assert_false(archived_from_url)
@mock.patch('website.archiver.tasks.archive')
def test_copied_from_id_trashed(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
trashed_node = second_file_node.delete()
assert_false(trashed_node.copied_from)
def setUp(self):
super(TestCheckOAuth, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
class TestCheckAuth(OsfTestCase):
def setUp(self):
super(TestCheckAuth, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
def test_has_permission(self):
res = views.check_access(self.node, Auth(user=self.user), 'upload',
None)
assert_true(res)
def test_not_has_permission_read_public(self):
self.node.is_public = True
self.node.save()
res = views.check_access(self.node, Auth(), 'download', None)
def test_not_has_permission_read_has_link(self):
link = new_private_link('red-special',
self.user, [self.node],
anonymous=False)
res = views.check_access(self.node, Auth(private_key=link.key),
'download', None)
def test_not_has_permission_logged_in(self):
user2 = AuthUserFactory()
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, Auth(user=user2), 'download', None)
assert_equal(exc_info.exception.code, 403)
def test_not_has_permission_not_logged_in(self):
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, Auth(), 'download', None)
assert_equal(exc_info.exception.code, 401)
def test_has_permission_on_parent_node_copyto_pass_if_registration(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin, parent=self.node)
component.is_registration = True
assert_false(component.has_permission(self.user, 'write'))
res = views.check_access(component, Auth(user=self.user), 'copyto',
None)
assert_true(res)
def test_has_permission_on_parent_node_metadata_pass_if_registration(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin,
parent=self.node,
is_public=False)
component_registration = RegistrationFactory(project=component,
creator=component_admin)
assert_false(component_registration.has_permission(self.user, 'read'))
res = views.check_access(component_registration, Auth(user=self.user),
'metadata', None)
assert_true(res)
def test_has_permission_on_parent_node_copyto_fail_if_not_registration(
self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin, parent=self.node)
assert_false(component.has_permission(self.user, 'write'))
with assert_raises(HTTPError):
views.check_access(component, Auth(user=self.user), 'copyto', None)
def test_has_permission_on_parent_node_copyfrom(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin,
is_public=False,
parent=self.node)
assert_false(component.has_permission(self.user, 'write'))
res = views.check_access(component, Auth(user=self.user), 'copyfrom',
None)
assert_true(res)
def test_before_fork(self):
node = ProjectFactory()
message = self.node_settings.before_fork(node, self.user)
assert_true(message)
class TestFileGuid(OsfTestCase):
def setUp(self):
super(OsfTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('dropbox', auth=Auth(self.user))
self.node_addon = self.project.get_addon('dropbox')
self.node_addon.folder = '/baz'
self.node_addon.save()
def test_provider(self):
assert_equal('dropbox', DropboxFile().provider)
def test_correct_path(self):
guid = DropboxFile(node=self.project, path='baz/foo/bar')
assert_equals(guid.path, 'baz/foo/bar')
assert_equals(guid.waterbutler_path, '/foo/bar')
def test_path_doesnt_crash_without_addon(self):
guid = DropboxFile(node=self.project, path='baz/foo/bar')
self.project.delete_addon('dropbox', Auth(self.user))
assert_is(self.project.get_addon('dropbox'), None)
assert_true(guid.path)
assert_true(guid.waterbutler_path)
def test_path_doesnt_crash_nonconfig_addon(self):
guid = DropboxFile(node=self.project, path='baz/foo/bar')
self.node_addon.folder = None
self.node_addon.save()
self.node_addon.reload()
assert_true(guid.path)
assert_true(guid.waterbutler_path)
@mock.patch('website.addons.base.requests.get')
def test_unique_identifier(self, mock_get):
mock_response = mock.Mock(ok=True, status_code=200)
mock_get.return_value = mock_response
mock_response.json.return_value = {
'data': {
'name': 'Morty',
'extra': {
'revisionId': 'Ricksy'
}
}
}
guid = DropboxFile(node=self.project, path='/foo/bar')
guid.enrich()
assert_equals('Ricksy', guid.unique_identifier)
def test_node_addon_get_or_create(self):
guid, created = self.node_addon.find_or_create_file_guid('/foo/bar')
assert_true(created)
assert_equal(guid.path, 'baz/foo/bar')
assert_equal(guid.waterbutler_path, '/foo/bar')
def test_node_addon_get_or_create_finds(self):
guid1, created1 = self.node_addon.find_or_create_file_guid('/foo/bar')
guid2, created2 = self.node_addon.find_or_create_file_guid('/foo/bar')
assert_true(created1)
assert_false(created2)
assert_equals(guid1, guid2)
def test_node_addon_get_or_create_finds_changed(self):
guid1, created1 = self.node_addon.find_or_create_file_guid('/foo/bar')
self.node_addon.folder = '/baz/foo'
self.node_addon.save()
self.node_addon.reload()
guid2, created2 = self.node_addon.find_or_create_file_guid('/bar')
assert_true(created1)
assert_false(created2)
assert_equals(guid1, guid2)
class TestLegacyViews(OsfTestCase):
def setUp(self):
super(TestLegacyViews, self).setUp()
self.path = 'mercury.png'
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.node_addon = self.project.get_addon('osfstorage')
file_record = self.node_addon.get_root().append_file(self.path)
self.expected_path = file_record._id
self.node_addon.save()
file_record.save()
def test_view_file_redirect(self):
url = '/{0}/osffiles/{1}/'.format(self.project._id, self.path)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
action='view',
path=self.expected_path,
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_download_file_redirect(self):
url = '/{0}/osffiles/{1}/download/'.format(self.project._id, self.path)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
path=self.expected_path,
action='download',
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_download_file_version_redirect(self):
url = '/{0}/osffiles/{1}/version/3/download/'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
version=3,
path=self.expected_path,
action='download',
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_api_download_file_redirect(self):
url = '/api/v1/project/{0}/osffiles/{1}/'.format(
self.project._id, self.path)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
path=self.expected_path,
action='download',
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_api_download_file_version_redirect(self):
url = '/api/v1/project/{0}/osffiles/{1}/version/3/'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
version=3,
path=self.expected_path,
action='download',
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_no_provider_name(self):
url = '/{0}/files/{1}'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
action='view',
path=self.expected_path,
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_action_as_param(self):
url = '/{}/osfstorage/files/{}/?action=download'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
path=self.expected_path,
action='download',
provider='osfstorage',
)
assert_urls_equal(res.location, expected_url)
def test_other_addon_redirect(self):
url = '/project/{0}/mycooladdon/files/{1}/'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
action='view',
path=self.path,
provider='mycooladdon',
)
assert_urls_equal(res.location, expected_url)
def test_other_addon_redirect_download(self):
url = '/project/{0}/mycooladdon/files/{1}/download/'.format(
self.project._id,
self.path,
)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 301)
expected_url = self.project.web_url_for(
'addon_view_or_download_file',
path=self.path,
action='download',
provider='mycooladdon',
)
assert_urls_equal(res.location, expected_url)
def test_after_fork_authenticator(self):
fork = ProjectFactory()
clone, message = self.node_settings.after_fork(self.project, fork,
self.project.creator)
assert_equal(self.node_settings.user_settings, clone.user_settings)
def test_after_fork_by_authorized_dropbox_user(self):
fork = ProjectFactory()
clone, message = self.node_settings.after_fork(
node=self.project, fork=fork, user=self.user_settings.owner)
assert_equal(clone.user_settings, self.user_settings)
class TestCallbacks(OsfTestCase):
def setUp(self):
super(TestCallbacks, self).setUp()
self.user = AuthUserFactory()
self.consolidated_auth = Auth(user=self.user)
self.auth = ('test', self.user.api_keys[0]._primary_key)
self.project = ProjectFactory(creator=self.user)
self.non_authenticator = AuthUserFactory()
self.project.add_contributor(
contributor=self.non_authenticator,
auth=Auth(self.project.creator),
)
self.project.add_addon('figshare', auth=self.consolidated_auth)
self.project.creator.add_addon('figshare')
self.node_settings = self.project.get_addon('figshare')
self.user_settings = self.project.creator.get_addon('figshare')
self.user_settings.oauth_access_token = 'legittoken'
self.user_settings.oauth_access_token_secret = 'legittoken'
self.user_settings.save()
self.node_settings.user_settings = self.user_settings
self.node_settings.figshare_id = '123456'
self.node_settings.figshare_type = 'project'
self.node_settings.figshare_title = 'singlefile'
self.node_settings.save()
def test_update_fields_project(self):
num_logs = len(self.project.logs)
# try updating fields
newfields = {'type': 'project', 'id': '313131', 'name': 'A PROJECT'}
self.node_settings.update_fields(newfields, self.project,
Auth(self.project.creator))
#check for updated
assert_equals(self.node_settings.figshare_id, '313131')
assert_equals(self.node_settings.figshare_type, 'project')
assert_equals(self.node_settings.figshare_title, 'A PROJECT')
# check for log added
assert_equals(len(self.project.logs), num_logs + 1)
def test_update_fields_fileset(self):
num_logs = len(self.project.logs)
# try updating fields
newfields = {'type': 'fileset', 'id': '313131', 'name': 'A FILESET'}
self.node_settings.update_fields(newfields, self.project,
Auth(self.project.creator))
#check for updated
assert_equals(self.node_settings.figshare_id, '313131')
assert_equals(self.node_settings.figshare_type, 'fileset')
assert_equals(self.node_settings.figshare_title, 'A FILESET')
# check for log added
assert_equals(len(self.project.logs), num_logs + 1)
def test_update_fields_some_missing(self):
num_logs = len(self.project.logs)
# try updating fields
newfields = {'type': 'project', 'id': '313131', 'name': 'A PROJECT'}
self.node_settings.update_fields(newfields, self.project,
Auth(self.project.creator))
#check for updated
assert_equals(self.node_settings.figshare_id, '313131')
assert_equals(self.node_settings.figshare_title, 'A PROJECT')
# check for log added
assert_equals(len(self.project.logs), num_logs + 1)
def test_update_fields_invalid(self):
num_logs = len(self.project.logs)
# try updating fields
newfields = {
'adad': 131313,
'i1513': '313131',
'titladad': 'A PROJECT'
}
self.node_settings.update_fields(newfields, self.project,
Auth(self.project.creator))
#check for updated
assert_equals(self.node_settings.figshare_id, '123456')
assert_equals(self.node_settings.figshare_type, 'project')
assert_equals(self.node_settings.figshare_title, 'singlefile')
# check for log added
assert_equals(len(self.project.logs), num_logs)
def test_api_url_no_user(self):
self.node_settings.user_settings = None
self.node_settings.save()
assert_equal(self.node_settings.api_url, figshare_settings.API_URL)
def test_api_url(self):
assert_equal(self.node_settings.api_url,
figshare_settings.API_OAUTH_URL)
def test_before_register_linked_content(self):
assert_false(
self.node_settings.before_register(self.project,
self.project.creator) is None)
def test_before_register_no_linked_content(self):
self.node_settings.figshare_id = None
assert_true(
self.node_settings.before_register(self.project,
self.project.creator) is None)
def test_before_remove_contributor_authenticator(self):
message = self.node_settings.before_remove_contributor(
self.project, self.project.creator)
assert_true(message)
def test_before_remove_contributor_not_authenticator(self):
message = self.node_settings.before_remove_contributor(
self.project, self.non_authenticator)
assert_false(message)
def test_after_remove_contributor_authenticator_not_self(self):
auth = Auth(user=self.non_authenticator)
msg = self.node_settings.after_remove_contributor(
self.project, self.project.creator, auth)
assert_in(self.project.project_or_component, msg)
assert_equal(self.node_settings.user_settings, None)
assert_in("You can re-authenticate", msg)
def test_after_remove_contributor_authenticator_self(self):
msg = self.node_settings.after_remove_contributor(
self.project, self.project.creator, self.consolidated_auth)
assert_in(self.project.title, msg)
assert_equal(self.node_settings.user_settings, None)
assert_not_in("You can re-authenticate", msg)
def test_after_fork_authenticator(self):
fork = ProjectFactory()
clone, message = self.node_settings.after_fork(
self.project,
fork,
self.project.creator,
)
assert_equal(
self.node_settings.user_settings,
clone.user_settings,
)
def test_after_fork_not_authenticator(self):
fork = ProjectFactory()
clone, message = self.node_settings.after_fork(
self.project,
fork,
self.non_authenticator,
)
assert_equal(
clone.user_settings,
None,
)
def test_after_delete(self):
self.project.remove_node(Auth(user=self.project.creator))
# Ensure that changes to node settings have been saved
self.node_settings.reload()
assert_true(self.node_settings.user_settings is None)
assert_true(self.node_settings.figshare_id is None)
assert_true(self.node_settings.figshare_type is None)
assert_true(self.node_settings.figshare_title is None)
@mock.patch('website.archiver.tasks.archive.si')
@mock.patch(
'website.addons.figshare.model.AddonFigShareNodeSettings.archive_errors'
)
def test_does_not_get_copied_to_registrations(self, mock_errors,
mock_archive):
registration = self.project.register_node(
schema=None,
auth=Auth(user=self.project.creator),
template='Template1',
data='hodor')
assert_false(registration.has_addon('figshare'))
class TestDropboxNodeSettingsModel(OsfTestCase):
def setUp(self):
super(TestDropboxNodeSettingsModel, self).setUp()
self.user = UserFactory()
self.user.add_addon('dropbox')
self.user.save()
self.user_settings = self.user.get_addon('dropbox')
self.project = ProjectFactory()
self.node_settings = DropboxNodeSettingsFactory(
user_settings=self.user_settings, owner=self.project)
def test_complete_true(self):
self.node_settings.user_settings.access_token = 'seems legit'
assert_true(self.node_settings.has_auth)
assert_true(self.node_settings.complete)
def test_complete_false(self):
self.node_settings.user_settings.access_token = 'seems legit'
self.node_settings.folder = None
assert_true(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test_complete_auth_false(self):
self.node_settings.user_settings = None
assert_false(self.node_settings.has_auth)
assert_false(self.node_settings.complete)
def test_fields(self):
node_settings = DropboxNodeSettings(user_settings=self.user_settings)
node_settings.save()
assert_true(node_settings.user_settings)
assert_equal(node_settings.user_settings.owner, self.user)
assert_true(hasattr(node_settings, 'folder'))
assert_true(hasattr(node_settings, 'registration_data'))
def test_folder_defaults_to_none(self):
node_settings = DropboxNodeSettings(user_settings=self.user_settings)
node_settings.save()
assert_is_none(node_settings.folder)
def test_has_auth(self):
settings = DropboxNodeSettings(user_settings=self.user_settings)
settings.save()
assert_false(settings.has_auth)
settings.user_settings.access_token = '123abc'
settings.user_settings.save()
assert_true(settings.has_auth)
def test_to_json(self):
settings = self.node_settings
user = UserFactory()
result = settings.to_json(user)
assert_equal(result['addon_short_name'], 'dropbox')
def test_delete(self):
assert_true(self.node_settings.user_settings)
assert_true(self.node_settings.folder)
old_logs = self.project.logs
self.node_settings.delete()
self.node_settings.save()
assert_is(self.node_settings.user_settings, None)
assert_is(self.node_settings.folder, None)
assert_true(self.node_settings.deleted)
assert_equal(self.project.logs, old_logs)
def test_deauthorize(self):
assert_true(self.node_settings.user_settings)
assert_true(self.node_settings.folder)
self.node_settings.deauthorize(auth=Auth(self.user))
self.node_settings.save()
assert_is(self.node_settings.user_settings, None)
assert_is(self.node_settings.folder, None)
last_log = self.project.logs[-1]
assert_equal(last_log.action, 'dropbox_node_deauthorized')
params = last_log.params
assert_in('node', params)
assert_in('project', params)
assert_in('folder', params)
def test_set_folder(self):
folder_name = 'queen/freddie'
self.node_settings.set_folder(folder_name, auth=Auth(self.user))
self.node_settings.save()
# Folder was set
assert_equal(self.node_settings.folder, folder_name)
# Log was saved
last_log = self.project.logs[-1]
assert_equal(last_log.action, 'dropbox_folder_selected')
def test_set_user_auth(self):
node_settings = DropboxNodeSettingsFactory()
user_settings = DropboxUserSettingsFactory()
node_settings.set_user_auth(user_settings)
node_settings.save()
assert_true(node_settings.has_auth)
assert_equal(node_settings.user_settings, user_settings)
# A log was saved
last_log = node_settings.owner.logs[-1]
assert_equal(last_log.action, 'dropbox_node_authorized')
log_params = last_log.params
assert_equal(log_params['folder'], node_settings.folder)
assert_equal(log_params['node'], node_settings.owner._primary_key)
assert_equal(last_log.user, user_settings.owner)
def test_serialize_credentials(self):
self.user_settings.access_token = 'secret'
self.user_settings.save()
credentials = self.node_settings.serialize_waterbutler_credentials()
expected = {'token': self.node_settings.user_settings.access_token}
assert_equal(credentials, expected)
def test_serialize_credentials_not_authorized(self):
self.node_settings.user_settings = None
self.node_settings.save()
with assert_raises(exceptions.AddonError):
self.node_settings.serialize_waterbutler_credentials()
def test_serialize_settings(self):
settings = self.node_settings.serialize_waterbutler_settings()
expected = {'folder': self.node_settings.folder}
assert_equal(settings, expected)
def test_serialize_settings_not_configured(self):
self.node_settings.folder = None
self.node_settings.save()
with assert_raises(exceptions.AddonError):
self.node_settings.serialize_waterbutler_settings()
def test_create_log(self):
action = 'file_added'
path = 'pizza.nii'
self.node_settings.folder = '/SomeOddPath'
self.node_settings.save()
nlog = len(self.project.logs)
self.node_settings.create_waterbutler_log(
auth=Auth(user=self.user),
action=action,
metadata={'path': path},
)
self.project.reload()
assert_equal(len(self.project.logs), nlog + 1)
assert_equal(
self.project.logs[-1].action,
'dropbox_{0}'.format(action),
)
assert_equal(
self.project.logs[-1].params['path'],
path,
)
@mock.patch('website.archiver.tasks.archive')
def test_does_not_get_copied_to_registrations(self, mock_archive):
registration = self.project.register_node(
schema=None,
auth=Auth(user=self.project.creator),
template='Template1',
data='hodor')
assert_false(registration.has_addon('dropbox'))
class TestGoogleDriveUserSettings(OsfTestCase):
def setUp(self):
super(TestGoogleDriveUserSettings, self).setUp()
self.node = ProjectFactory()
self.user = self.node.creator
self.external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(self.external_account)
self.user.save()
self.user_settings = self.user.get_or_add_addon('googledrive')
def tearDown(self):
super(TestGoogleDriveUserSettings, self).tearDown()
self.user_settings.remove()
self.external_account.remove()
self.node.remove()
self.user.remove()
def test_grant_oauth_access_no_metadata(self):
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
self.user_settings.save()
assert_equal(
self.user_settings.oauth_grants,
{self.node._id: {
self.external_account._id: {}
}},
)
def test_grant_oauth_access_metadata(self):
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
metadata={'folder': 'fake_folder_id'})
self.user_settings.save()
assert_equal(
self.user_settings.oauth_grants, {
self.node._id: {
self.external_account._id: {
'folder': 'fake_folder_id'
}
},
})
def test_verify_oauth_access_no_metadata(self):
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
self.user_settings.save()
account_has_access = self.user_settings.verify_oauth_access(
node=self.node, external_account=self.external_account)
factory_account_has_access = self.user_settings.verify_oauth_access(
node=self.node, external_account=GoogleDriveAccountFactory())
assert_true(account_has_access)
assert_false(factory_account_has_access)
def test_verify_oauth_access_metadata(self):
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
metadata={'folder': 'fake_folder_id'})
self.user_settings.save()
correct_meta_access = self.user_settings.verify_oauth_access(
node=self.node,
external_account=self.external_account,
metadata={'folder': 'fake_folder_id'})
incorrect_meta_no_access = self.user_settings.verify_oauth_access(
node=self.node,
external_account=self.external_account,
metadata={'folder': 'another_folder_id'})
assert_true(correct_meta_access)
assert_false(incorrect_meta_no_access)
def setUp(self):
super(OsfTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('s3', auth=Auth(self.user))
self.node_addon = self.project.get_addon('s3')
class MendeleyViewsTestCase(OsfTestCase):
def setUp(self):
super(MendeleyViewsTestCase, self).setUp()
self.account = MendeleyAccountFactory()
self.user = AuthUserFactory(external_accounts=[self.account])
self.account.display_name = self.user.fullname
self.account.save()
self.user_addon = MendeleyUserSettingsFactory(owner=self.user, external_account=self.account)
self.project = ProjectFactory(creator=self.user)
self.node_addon = MendeleyNodeSettingsFactory(owner=self.project)
self.node_addon.set_auth(external_account=self.account, user=self.user)
#self.user_addon.grant_oauth_access(self.node_addon, self.account, metadata={'lists': 'list'})
self.node = MockNode()
self.node.addon = self.node_addon
self.id_patcher = mock.patch('website.addons.mendeley.model.Mendeley.client_id')
self.secret_patcher = mock.patch('website.addons.mendeley.model.Mendeley.client_secret')
self.id_patcher.__get__ = mock.Mock(return_value='1234567890asdf')
self.secret_patcher.__get__ = mock.Mock(return_value='1234567890asdf')
self.id_patcher.start()
self.secret_patcher.start()
def tearDown(self):
self.id_patcher.stop()
self.secret_patcher.stop()
def test_serialize_settings_authorizer(self):
#"""dict: a serialized version of user-specific addon settings"""
res = self.app.get(
self.project.api_url_for('mendeley_get_config'),
auth=self.user.auth,
)
result = res.json['result']
assert_true(result['nodeHasAuth'])
assert_true(result['userHasAuth'])
assert_true(result['userIsOwner'])
assert_equal(result['folder'], {'name': ''})
assert_equal(result['ownerName'], self.user.fullname)
assert_true(result['urls']['auth'])
assert_true(result['urls']['config'])
assert_true(result['urls']['deauthorize'])
assert_true(result['urls']['folders'])
assert_true(result['urls']['importAuth'])
assert_true(result['urls']['settings'])
def test_serialize_settings_non_authorizer(self):
#"""dict: a serialized version of user-specific addon settings"""
non_authorizing_user = AuthUserFactory()
self.project.add_contributor(non_authorizing_user, save=True)
res = self.app.get(
self.project.api_url_for('mendeley_get_config'),
auth=non_authorizing_user.auth,
)
result = res.json['result']
assert_true(result['nodeHasAuth'])
assert_false(result['userHasAuth'])
assert_false(result['userIsOwner'])
assert_equal(result['folder'], {'name': ''})
assert_equal(result['ownerName'], self.user.fullname)
assert_true(result['urls']['auth'])
assert_true(result['urls']['config'])
assert_true(result['urls']['deauthorize'])
assert_true(result['urls']['folders'])
assert_true(result['urls']['importAuth'])
assert_true(result['urls']['settings'])
def test_set_auth(self):
res = self.app.put_json(
self.project.api_url_for('mendeley_add_user_auth'),
{
'external_account_id': self.account._id,
},
auth=self.user.auth,
)
assert_equal(
res.status_code,
200
)
assert_true(res.json['result']['userHasAuth'])
assert_equal(
self.node_addon.user_settings,
self.user_addon
)
assert_equal(
self.node_addon.external_account,
self.account
)
def test_remove_user_auth(self):
self.node_addon.set_auth(self.account, self.user)
res = self.app.delete_json(
self.project.api_url_for('mendeley_remove_user_auth'),
{
'external_account_id': self.account._id,
},
auth=self.user.auth,
)
assert_equal(
res.status_code,
200
)
self.node_addon.reload()
assert_is_none(self.node_addon.user_settings)
assert_is_none(self.node_addon.external_account)
@mock.patch('website.addons.mendeley.model.Mendeley._folder_metadata')
def test_set_config_owner(self, mock_metadata):
mock_metadata.return_value = MockFolder(name='Fake Folder')
# Settings config updates node settings
self.node_addon.associated_user_settings = []
self.node_addon.save()
res = self.app.put_json(
self.project.api_url_for('mendeley_set_config'),
{
'external_account_id': self.account._id,
'external_list_id': 'list',
},
auth=self.user.auth,
)
self.node_addon.reload()
assert_equal(self.user_addon, self.node_addon.user_settings)
serializer = MendeleySerializer(node_settings=self.node_addon, user_settings=self.user_addon)
expected = {
'result': serializer.serialized_node_settings
}
assert_equal(res.json, expected)
@mock.patch('website.addons.mendeley.model.Mendeley._folder_metadata')
def test_set_config_not_owner(self, mock_metadata):
mock_metadata.return_value = MockFolder(name='Fake Folder')
user = AuthUserFactory()
user.add_addon('mendeley')
self.project.add_contributor(user)
self.project.save()
res = self.app.put_json(
self.project.api_url_for('mendeley_set_config'),
{
'external_account_id': self.account._id,
'external_list_id': 'list',
},
auth=user.auth,
)
self.node_addon.reload()
assert_equal(self.user_addon, self.node_addon.user_settings)
serializer = MendeleySerializer(node_settings=self.node_addon, user_settings=None)
expected = {
'result': serializer.serialized_node_settings
}
assert_equal(res.json, expected)
def test_mendeley_widget_view_complete(self):
# JSON: everything a widget needs
assert_false(self.node_addon.complete)
assert_equal(self.node_addon.mendeley_list_id, None)
self.node_addon.set_target_folder('ROOT-ID', 'ROOT', auth=Auth(user=self.user))
url = self.project.api_url_for('mendeley_widget')
res = self.app.get(url, auth=self.user.auth).json
assert_true(res['complete'])
assert_equal(res['list_id'], 'ROOT-ID')
def test_widget_view_incomplete(self):
# JSON: tell the widget when it hasn't been configured
assert_false(self.node_addon.complete)
assert_equal(self.node_addon.mendeley_list_id, None)
url = self.project.api_url_for('mendeley_widget')
res = self.app.get(url, auth=self.user.auth).json
assert_false(res['complete'])
assert_is_none(res['list_id'])
@httpretty.activate
def test_mendeley_citation_list_root(self):
httpretty.register_uri(
httpretty.GET,
urlparse.urljoin(API_URL, 'folders'),
body=mock_responses['folders'],
content_type='application/json'
)
res = self.app.get(
self.project.api_url_for('mendeley_citation_list'),
auth=self.user.auth
)
root = res.json['contents'][0]
assert_equal(root['kind'], 'folder')
assert_equal(root['id'], 'ROOT')
assert_equal(root['parent_list_id'], '__')
@httpretty.activate
def test_mendeley_citation_list_non_root(self):
httpretty.register_uri(
httpretty.GET,
urlparse.urljoin(API_URL, 'folders'),
body=mock_responses['folders'],
content_type='application/json'
)
httpretty.register_uri(
httpretty.GET,
urlparse.urljoin(API_URL, 'documents'),
body=mock_responses['documents'],
content_type='application/json'
)
res = self.app.get(
self.project.api_url_for('mendeley_citation_list', mendeley_list_id='ROOT'),
auth=self.user.auth
)
children = res.json['contents']
assert_equal(len(children), 7)
assert_equal(children[0]['kind'], 'folder')
assert_equal(children[1]['kind'], 'file')
assert_true(children[1].get('csl') is not None)
@httpretty.activate
def test_mendeley_citation_list_non_linked_or_child_non_authorizer(self):
non_authorizing_user = AuthUserFactory()
self.project.add_contributor(non_authorizing_user, save=True)
self.node_addon.mendeley_list_id = 'e843da05-8818-47c2-8c37-41eebfc4fe3f'
self.node_addon.save()
httpretty.register_uri(
httpretty.GET,
urlparse.urljoin(API_URL, 'folders'),
body=mock_responses['folders'],
content_type='application/json'
)
httpretty.register_uri(
httpretty.GET,
urlparse.urljoin(API_URL, 'documents'),
body=mock_responses['documents'],
content_type='application/json'
)
res = self.app.get(
self.project.api_url_for('mendeley_citation_list', mendeley_list_id='ROOT'),
auth=non_authorizing_user.auth,
expect_errors=True
)
assert_equal(res.status_code, 403)
class TestFileGuid(OsfTestCase):
def setUp(self):
super(OsfTestCase, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_addon('figshare', auth=Auth(self.user))
self.node_addon = self.project.get_addon('figshare')
self.node_addon.figshare_id = 8
self.node_addon.figshare_type = 'project'
self.node_addon.save()
def test_provider(self):
assert_equal('figshare', model.FigShareGuidFile().provider)
def test_path_doesnt_crash_without_addon(self):
guid = model.FigShareGuidFile(node=self.project, path='/baz/foo/bar')
self.project.delete_addon('figshare', Auth(self.user))
assert_is(self.project.get_addon('figshare'), None)
assert_true(guid.path)
assert_true(guid.waterbutler_path)
def test_path_doesnt_crash_nonconfig_addon(self):
guid = model.FigShareGuidFile(node=self.project, path='/baz/foo/bar')
self.node_addon.figshare_type = None
self.node_addon.figshare_id = None
self.node_addon.save()
self.node_addon.reload()
assert_true(guid.path)
assert_true(guid.waterbutler_path)
def test_mfr_test_path(self):
self.node_addon.figshare_type = 'fileset'
self.node_addon.save()
self.node_addon.reload()
guid = model.FigShareGuidFile(file_id=2,
article_id=4,
node=self.project)
assert_equal(guid.waterbutler_path, '/2')
def test_correct_path_project(self):
guid = model.FigShareGuidFile(file_id=2,
article_id=4,
node=self.project)
assert_equal(guid.waterbutler_path, '/4/2')
def test_unique_identifier(self):
guid = model.FigShareGuidFile(file_id=2, article_id=4)
assert_equal(guid.unique_identifier, '42')
def test_exception_from_response(self):
mock_response = mock.Mock()
mock_response.json.return_value = {
'data': {
'name': 'Morty',
'extra': {
'status': 'drafts'
}
}
}
guid = model.FigShareGuidFile(file_id=2, article_id=4)
with assert_raises(exceptions.FigshareIsDraftError):
guid._exception_from_response(mock_response)
assert_equal(guid.name, 'Morty')
@mock.patch('website.addons.base.requests.get')
def test_enrich_raises(self, mock_get):
mock_response = mock.Mock(ok=True, status_code=200)
mock_get.return_value = mock_response
mock_response.json.return_value = {
'data': {
'name': 'Morty',
'extra': {
'status': 'drafts'
}
}
}
guid = model.FigShareGuidFile(file_id=2,
article_id=4,
node=self.project)
with assert_raises(exceptions.FigshareIsDraftError):
guid.enrich()
assert_equal(guid.name, 'Morty')
@mock.patch('website.addons.base.requests.get')
def test_enrich_works(self, mock_get):
mock_response = mock.Mock(ok=True, status_code=200)
mock_get.return_value = mock_response
mock_response.json.return_value = {
'data': {
'name': 'Morty',
'extra': {
'status': 'Rick'
}
}
}
guid = model.FigShareGuidFile(file_id=2,
article_id=4,
node=self.project)
guid.enrich()
assert_equal(guid.name, 'Morty')
def test_node_addon_get_or_create(self):
guid, _ = self.node_addon.find_or_create_file_guid('/4/2')
assert_equal(guid.waterbutler_path, '/4/2')
assert_equal(guid.file_id, '2')
assert_equal(guid.article_id, '4')
def test_node_addon_get_or_create_finds(self):
guid, created = self.node_addon.find_or_create_file_guid('/4/2')
assert_true(created)
other, other_created = self.node_addon.find_or_create_file_guid('/4/2')
assert_false(other_created)
assert_equal(guid, other)
class TestRemoveContributor(AdminTestCase):
def setUp(self):
super(TestRemoveContributor, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.user_2 = AuthUserFactory()
self.node.add_contributor(self.user_2)
self.node.save()
self.view = NodeRemoveContributorView
self.request = RequestFactory().post('/fake_path')
self.url = reverse('nodes:remove_user',
kwargs={
'node_id': self.node._id,
'user_id': self.user._id
})
def test_get_object(self):
view = setup_log_view(self.view(),
self.request,
node_id=self.node._id,
user_id=self.user._id)
node, user = view.get_object()
nt.assert_is_instance(node, Node)
nt.assert_is_instance(user, OSFUser)
@mock.patch('admin.nodes.views.Node.remove_contributor')
def test_remove_contributor(self, mock_remove_contributor):
user_id = self.user_2._id
node_id = self.node._id
view = setup_log_view(self.view(),
self.request,
node_id=node_id,
user_id=user_id)
view.delete(self.request)
mock_remove_contributor.assert_called_with(self.user_2,
None,
log=False)
def test_integration_remove_contributor(self):
nt.assert_in(self.user_2, self.node.contributors)
view = setup_log_view(self.view(),
self.request,
node_id=self.node._id,
user_id=self.user_2._id)
count = AdminLogEntry.objects.count()
view.delete(self.request)
nt.assert_not_in(self.user_2, self.node.contributors)
nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
def test_do_not_remove_last_admin(self):
nt.assert_equal(
len(list(self.node.get_admin_contributors(
self.node.contributors))), 1)
view = setup_log_view(self.view(),
self.request,
node_id=self.node._id,
user_id=self.user._id)
count = AdminLogEntry.objects.count()
view.delete(self.request)
self.node.reload() # Reloads instance to show that nothing was removed
nt.assert_equal(len(list(self.node.contributors)), 2)
nt.assert_equal(
len(list(self.node.get_admin_contributors(
self.node.contributors))), 1)
nt.assert_equal(AdminLogEntry.objects.count(), count)
def test_no_log(self):
view = setup_log_view(self.view(),
self.request,
node_id=self.node._id,
user_id=self.user_2._id)
view.delete(self.request)
nt.assert_not_equal(self.node.logs.latest().action,
NodeLog.CONTRIB_REMOVED)
def test_no_user_permissions_raises_error(self):
guid = self.node._id
request = RequestFactory().get(self.url)
request.user = self.user
with nt.assert_raises(PermissionDenied):
self.view.as_view()(request, node_id=guid, user_id=self.user)
def test_correct_view_permissions(self):
change_permission = Permission.objects.get(codename='change_node')
view_permission = Permission.objects.get(codename='view_node')
self.user.user_permissions.add(change_permission)
self.user.user_permissions.add(view_permission)
self.user.save()
request = RequestFactory().get(self.url)
request.user = self.user
response = self.view.as_view()(request,
node_id=self.node._id,
user_id=self.user._id)
nt.assert_equal(response.status_code, 200)
class TestGoogleDriveNodeSettings(OsfTestCase):
def setUp(self):
super(TestGoogleDriveNodeSettings, self).setUp()
self.node = ProjectFactory()
self.node_settings = model.GoogleDriveNodeSettings(owner=self.node)
self.node_settings.save()
self.user = self.node.creator
self.user_settings = self.user.get_or_add_addon('googledrive')
def tearDown(self):
super(TestGoogleDriveNodeSettings, self).tearDown()
self.user_settings.remove()
self.node_settings.remove()
self.node.remove()
self.user.remove()
@mock.patch('website.addons.googledrive.model.GoogleDriveProvider')
def test_api_not_cached(self, mock_gdp):
# The first call to .api returns a new object
api = self.node_settings.api
mock_gdp.assert_called_once()
assert_equal(api, mock_gdp())
@mock.patch('website.addons.googledrive.model.GoogleDriveProvider')
def test_api_cached(self, mock_gdp):
# Repeated calls to .api returns the same object
self.node_settings._api = 'testapi'
api = self.node_settings.api
assert_false(mock_gdp.called)
assert_equal(api, 'testapi')
def test_set_auth(self):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
self.user.save()
# this should be reset after the call
self.node_settings.folder_id = 'anything'
self.node_settings.set_auth(external_account=external_account,
user=self.user)
# this instance is updated
assert_equal(self.node_settings.external_account, external_account)
assert_equal(self.node_settings.user_settings, self.user_settings)
assert_is_none(self.node_settings.folder_id)
set_auth_gives_access = self.user_settings.verify_oauth_access(
node=self.node,
external_account=external_account,
)
assert_true(set_auth_gives_access)
def test_set_auth_wrong_user(self):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
self.user.save()
with assert_raises(PermissionsError):
self.node_settings.set_auth(external_account=external_account,
user=UserFactory())
def test_clear_auth(self):
self.node_settings.external_account = GoogleDriveAccountFactory()
self.node_settings.folder_id = 'something'
self.node_settings.user_settings = self.user_settings
self.node_settings.save()
self.node_settings.clear_auth()
assert_is_none(self.node_settings.external_account)
assert_is_none(self.node_settings.folder_id)
assert_is_none(self.node_settings.user_settings)
assert_is_none(self.node_settings.folder_path)
assert_is_none(self.node_settings.folder_name)
def test_set_target_folder(self):
folder = {
'id': 'fake-folder-id',
'name': 'fake-folder-name',
'path': 'fake_path'
}
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
self.user.save()
self.node_settings.set_auth(
external_account=external_account,
user=self.user,
)
assert_is_none(self.node_settings.folder_id)
self.node_settings.set_target_folder(
folder,
auth=Auth(user=self.user),
)
# instance was updated
assert_equal(
self.node_settings.folder_id,
'fake-folder-id',
)
has_access = self.user_settings.verify_oauth_access(
node=self.node,
external_account=external_account,
metadata={'folder': 'fake-folder-id'})
# user_settings was updated
assert_true(has_access)
log = self.node.logs[-1]
assert_equal(log.action, 'googledrive_folder_selected')
assert_equal(log.params['folder'], folder['path'])
def test_has_auth_false(self):
external_account = GoogleDriveAccountFactory()
assert_false(self.node_settings.has_auth)
# both external_account and user_settings must be set to have auth
self.node_settings.external_account = external_account
assert_false(self.node_settings.has_auth)
self.node_settings.external_account = None
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
# set_auth must be called to have auth
self.node_settings.external_account = external_account
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
def test_has_auth_true(self):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
self.node_settings.set_auth(external_account, self.user)
self.node_settings.folder_id = None
assert_true(self.node_settings.has_auth)
self.node_settings.folder_id = 'totally fake ID'
assert_true(self.node_settings.has_auth)
def test_selected_folder_name_root(self):
self.node_settings.folder_id = 'root'
assert_equal(self.node_settings.selected_folder_name,
"Full Google Drive")
def test_selected_folder_name_empty(self):
self.node_settings.folder_id = None
assert_equal(self.node_settings.selected_folder_name, '')
def test_selected_folder_name(self):
self.node_settings.folder_id = 'fake-id'
self.node_settings.folder_path = 'fake-folder-name'
self.node_settings.save()
assert_equal(self.node_settings.selected_folder_name,
'fake-folder-name')
def test_serialize_credentials(self):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
self.node_settings.set_auth(external_account, self.user)
credentials = self.node_settings.serialize_waterbutler_credentials()
expected = {'token': self.node_settings.fetch_access_token()}
assert_equal(credentials, expected)
def test_serialize_credentials_not_authorized(self):
external_account = GoogleDriveAccountFactory()
self.node_settings.external_account = external_account
with assert_raises(exceptions.AddonError):
self.node_settings.serialize_waterbutler_credentials()
def test_serialize_settings(self):
self.node_settings.folder_id = 'fake-id'
self.node_settings.folder_path = 'fake-folder-name'
self.node_settings.save()
settings = self.node_settings.serialize_waterbutler_settings()
expected = {
'folder': {
'id': 'fake-id',
'name': 'fake-folder-name',
'path': 'fake-folder-name',
}
}
assert_equal(settings, expected)
def test_serialize_settings_not_configured(self):
self.node_settings.folder_id = None
self.node_settings.save()
with assert_raises(exceptions.AddonError):
self.node_settings.serialize_waterbutler_settings()
def test_fetch_access_token_with_token_not_expired(self):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
external_account.expires_at = datetime.utcnow(
) + relativedelta.relativedelta(minutes=6)
external_account.oauth_key = 'fake-token'
external_account.save()
self.node_settings.set_auth(external_account, self.user)
assert_equal(self.node_settings.fetch_access_token(), 'fake-token')
@mock.patch.object(GoogleAuthClient, 'refresh')
def test_fetch_access_token_with_token_expired(self, mock_refresh):
external_account = GoogleDriveAccountFactory()
self.user.external_accounts.append(external_account)
external_account.expires_at = datetime.utcnow(
) + relativedelta.relativedelta(minutes=4)
external_account.oauth_key = 'fake-token'
external_account.refresh_token = 'refresh-fake-token'
external_account.save()
fake_token = {
'access_token': 'new-access-token',
'refresh_token': 'new-refresh-token',
'expires_at': 1234.5
}
mock_refresh.return_value = fake_token
self.node_settings.set_auth(external_account, self.user)
self.node_settings.fetch_access_token()
mock_refresh.assert_called_once()
assert_equal(external_account.oauth_key, 'new-access-token')
assert_equal(external_account.refresh_token, 'new-refresh-token')
assert_equal(external_account.expires_at,
datetime.utcfromtimestamp(1234.5))
class TestOsfStorageCheckout(StorageTestCase):
def setUp(self):
super(TestOsfStorageCheckout, self).setUp()
self.user = factories.AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.osfstorage = self.node.get_addon('osfstorage')
self.root_node = self.osfstorage.get_root()
self.file = self.root_node.append_file('3005')
def test_checkout_logs(self):
non_admin = factories.AuthUserFactory()
self.node.add_contributor(non_admin, permissions=['read', 'write'])
self.node.save()
self.file.check_in_or_out(non_admin, non_admin, save=True)
self.file.reload()
self.node.reload()
assert_equal(self.file.checkout, non_admin)
assert_equal(self.node.logs.latest().action, 'checked_out')
assert_equal(self.node.logs.latest().user, non_admin)
self.file.check_in_or_out(self.user, None, save=True)
self.file.reload()
self.node.reload()
assert_equal(self.file.checkout, None)
assert_equal(self.node.logs.latest().action, 'checked_in')
assert_equal(self.node.logs.latest().user, self.user)
self.file.check_in_or_out(self.user, self.user, save=True)
self.file.reload()
self.node.reload()
assert_equal(self.file.checkout, self.user)
assert_equal(self.node.logs.latest().action, 'checked_out')
assert_equal(self.node.logs.latest().user, self.user)
with assert_raises(FileNodeCheckedOutError):
self.file.check_in_or_out(non_admin, None, save=True)
with assert_raises(FileNodeCheckedOutError):
self.file.check_in_or_out(non_admin, non_admin, save=True)
def test_delete_checked_out_file(self):
self.file.check_in_or_out(self.user, self.user, save=True)
self.file.reload()
assert_equal(self.file.checkout, self.user)
with assert_raises(FileNodeCheckedOutError):
self.file.delete()
def test_delete_folder_with_checked_out_file(self):
folder = self.root_node.append_folder('folder')
self.file.move_under(folder)
self.file.check_in_or_out(self.user, self.user, save=True)
self.file.reload()
assert_equal(self.file.checkout, self.user)
with assert_raises(FileNodeCheckedOutError):
folder.delete()
def test_move_checked_out_file(self):
self.file.check_in_or_out(self.user, self.user, save=True)
self.file.reload()
assert_equal(self.file.checkout, self.user)
folder = self.root_node.append_folder('folder')
with assert_raises(FileNodeCheckedOutError):
self.file.move_under(folder)
def test_checked_out_merge(self):
user = factories.AuthUserFactory()
node = ProjectFactory(creator=user)
osfstorage = node.get_addon('osfstorage')
root_node = osfstorage.get_root()
file = root_node.append_file('test_file')
user_merge_target = factories.AuthUserFactory()
file.check_in_or_out(user, user, save=True)
file.reload()
assert_equal(file.checkout, user)
user_merge_target.merge_user(user)
file.reload()
assert_equal(user_merge_target.id, file.checkout.id)
def test_remove_contributor_with_checked_file(self):
user = factories.AuthUserFactory()
Contributor.objects.create(
node=self.node,
user=user,
admin=True,
write=True,
read=True,
visible=True
)
self.file.check_in_or_out(self.user, self.user, save=True)
self.file.reload()
assert_equal(self.file.checkout, self.user)
self.file.node.remove_contributors([self.user], save=True)
self.file.reload()
assert_equal(self.file.checkout, None)
class TestNodeDeleteView(AdminTestCase):
def setUp(self):
super(TestNodeDeleteView, self).setUp()
self.node = ProjectFactory()
self.request = RequestFactory().post('/fake_path')
self.plain_view = NodeDeleteView
self.view = setup_log_view(self.plain_view(),
self.request,
guid=self.node._id)
self.url = reverse('nodes:remove', kwargs={'guid': self.node._id})
def test_get_object(self):
obj = self.view.get_object()
nt.assert_is_instance(obj, Node)
def test_get_context(self):
res = self.view.get_context_data(object=self.node)
nt.assert_in('guid', res)
nt.assert_equal(res.get('guid'), self.node._id)
def test_remove_node(self):
count = AdminLogEntry.objects.count()
self.view.delete(self.request)
self.node.refresh_from_db()
nt.assert_true(self.node.is_deleted)
nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
def test_restore_node(self):
self.view.delete(self.request)
self.node.refresh_from_db()
nt.assert_true(self.node.is_deleted)
count = AdminLogEntry.objects.count()
self.view.delete(self.request)
self.node.reload()
nt.assert_false(self.node.is_deleted)
nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
def test_no_user_permissions_raises_error(self):
user = AuthUserFactory()
guid = self.node._id
request = RequestFactory().get(self.url)
request.user = user
with nt.assert_raises(PermissionDenied):
self.plain_view.as_view()(request, guid=guid)
def test_correct_view_permissions(self):
user = AuthUserFactory()
guid = self.node._id
change_permission = Permission.objects.get(codename='delete_node')
view_permission = Permission.objects.get(codename='view_node')
user.user_permissions.add(change_permission)
user.user_permissions.add(view_permission)
user.save()
request = RequestFactory().get(self.url)
request.user = user
response = self.plain_view.as_view()(request, guid=guid)
nt.assert_equal(response.status_code, 200)
def setUp(self):
super(TestProject, self).setUp()
search.delete_index(elastic_search.INDEX)
search.create_index(elastic_search.INDEX)
self.user = UserFactory(fullname='John Deacon')
self.project = ProjectFactory(title='Red Special', creator=self.user)
class TestPreprintCreate(ApiTestCase):
def setUp(self):
super(TestPreprintCreate, self).setUp()
self.user = AuthUserFactory()
self.other_user = AuthUserFactory()
self.private_project = ProjectFactory(creator=self.user)
self.public_project = ProjectFactory(creator=self.user, public=True)
self.public_project.add_contributor(self.other_user, permissions=[permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS], save=True)
self.subject = SubjectFactory()
self.user_two = AuthUserFactory()
self.file_one_public_project = test_utils.create_test_file(self.public_project, self.user, 'millionsofdollars.pdf')
self.file_one_private_project = test_utils.create_test_file(self.private_project, self.user, 'woowoowoo.pdf')
self.url = '/{}preprints/'.format(API_BASE)
def test_create_preprint_from_public_project(self):
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user.auth)
assert_equal(res.status_code, 201)
def test_create_preprint_with_tags(self):
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
public_project_payload['data']['attributes']['tags'] = ['newtag', 'bluetag']
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user.auth)
assert_equal(res.status_code, 201)
self.public_project.reload()
assert_in('newtag', self.public_project.tags)
assert_in('bluetag', self.public_project.tags)
assert_not_in('tag_added', [l.action for l in self.public_project.logs])
def test_create_preprint_from_private_project(self):
private_project_payload = build_preprint_create_payload(self.private_project._id, self.subject._id, self.file_one_private_project._id)
res = self.app.post_json_api(self.url, private_project_payload, auth=self.user.auth)
self.private_project.reload()
assert_equal(res.status_code, 201)
assert_true(self.private_project.is_public)
def test_non_authorized_user(self):
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_read_write_user_not_admin(self):
assert_in(self.other_user, self.public_project.contributors)
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.other_user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_file_is_not_in_node(self):
wrong_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_private_project._id)
res = self.app.post_json_api(self.url, wrong_project_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'This file is not a valid primary file for this preprint.')
def test_already_a_preprint(self):
preprint = PreprintFactory(creator=self.user)
file_one_preprint = test_utils.create_test_file(preprint, self.user, 'openupthatwindow.pdf')
already_preprint_payload = build_preprint_create_payload(preprint._id, self.subject._id, file_one_preprint._id)
res = self.app.post_json_api(self.url, already_preprint_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 409)
assert_equal(res.json['errors'][0]['detail'], 'This node already stored as a preprint, use the update method instead.')
def test_read_write_user_already_a_preprint(self):
assert_in(self.other_user, self.public_project.contributors)
preprint = PreprintFactory(creator=self.user)
preprint.add_contributor(self.other_user, permissions=[permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS], save=True)
file_one_preprint = test_utils.create_test_file(preprint, self.user, 'openupthatwindow.pdf')
already_preprint_payload = build_preprint_create_payload(preprint._id, self.subject._id, file_one_preprint._id)
res = self.app.post_json_api(self.url, already_preprint_payload, auth=self.other_user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_no_primary_file_passed(self):
no_file_payload = build_preprint_create_payload(self.public_project._id, self.subject._id)
res = self.app.post_json_api(self.url, no_file_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'You must specify a primary_file to create a preprint.')
def test_invalid_primary_file(self):
invalid_file_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, 'totallynotanid')
res = self.app.post_json_api(self.url, invalid_file_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'You must specify a primary_file to create a preprint.')
def test_no_subjects_given(self):
no_subjects_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
del no_subjects_payload['data']['attributes']['subjects']
res = self.app.post_json_api(self.url, no_subjects_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'You must specify at least one subject to create a preprint.')
def test_invalid_subjects_given(self):
wrong_subjects_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, self.file_one_public_project._id)
wrong_subjects_payload['data']['attributes']['subjects'] = ['jobbers']
res = self.app.post_json_api(self.url, wrong_subjects_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'Subject with id <jobbers> could not be found.')
def test_request_id_does_not_match_request_url_id(self):
public_project_payload = build_preprint_create_payload(self.private_project._id, self.subject._id, self.file_one_public_project._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'This file is not a valid primary file for this preprint.')
def test_file_not_osfstorage(self):
github_file = self.file_one_public_project
github_file.provider = 'github'
github_file.save()
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id, github_file._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], 'This file is not a valid primary file for this preprint.')
def test_preprint_contributor_signal_sent_on_creation(self):
with capture_signals() as mock_signals:
public_project_payload = build_preprint_create_payload(self.public_project._id, self.subject._id,
self.file_one_public_project._id)
res = self.app.post_json_api(self.url, public_project_payload, auth=self.user.auth)
assert_equal(res.status_code, 201)
assert_equal(mock_signals.signals_sent(), set([project_signals.contributor_added]))
def test_preprint_contributor_signal_not_sent_one_contributor(self):
with capture_signals() as mock_signals:
private_project_payload = build_preprint_create_payload(self.private_project._id, self.subject._id,
self.file_one_private_project._id)
res = self.app.post_json_api(self.url, private_project_payload, auth=self.user.auth)
assert_equal(res.status_code, 201)
assert_not_equal(mock_signals.signals_sent(), set([project_signals.contributor_added]))
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.flask_app = SetEnvironMiddleware(self.app.app, REMOTE_ADDR='127.0.0.1')
self.test_app = webtest.TestApp(self.flask_app)
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = AddonGitHubOauthSettings(github_user_id='john')
self.oauth_settings.save()
self.user_addon.oauth_settings = self.oauth_settings
self.user_addon.oauth_access_token = 'secret'
self.user_addon.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.save()
def build_url(self, **kwargs):
options = dict(
action='download',
cookie=self.cookie,
nid=self.node._id,
provider=self.node_addon.config.short_name,
)
options.update(kwargs)
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.test_app.get(url)
assert_equal(res.json['auth'], views.make_auth(self.user))
assert_equal(res.json['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(res.json['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True))
observed_url = furl.furl(res.json['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.test_app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.test_app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.test_app.get(url, expect_errors=True)
assert_equal(res.status_code, 400)
def test_auth_bad_ip(self):
flask_app = SetEnvironMiddleware(self.app.app, REMOTE_ADDR='192.168.1.1')
test_app = webtest.TestApp(flask_app)
url = self.build_url()
res = test_app.get(url, expect_errors=True)
assert_equal(res.status_code, 403)
class TestPublicNodes(SearchTestCase):
def setUp(self):
super(TestPublicNodes, self).setUp()
self.user = UserFactory(usename='Doug Bogie')
self.title = 'Red Special'
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(
title=self.title,
creator=self.user,
is_public=True,
)
self.component = NodeFactory(project=self.project,
title=self.title,
creator=self.user,
is_public=True)
self.registration = ProjectFactory(title=self.title,
creator=self.user,
is_public=True,
is_registration=True)
def test_make_private(self):
"""Make project public, then private, and verify that it is not present
in search.
"""
self.project.set_privacy('private')
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.component.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.registration.set_privacy('private')
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_public_parent_title(self):
self.project.set_title('hello & world', self.consolidate_auth)
self.project.save()
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], 'hello & world')
assert_true(docs[0]['parent_url'])
def test_make_parent_private(self):
"""Make parent of component, public, then private, and verify that the
component still appears but doesn't link to the parent in search.
"""
self.project.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], '-- private project --')
assert_false(docs[0]['parent_url'])
def test_delete_project(self):
"""
"""
self.component.remove_node(self.consolidate_auth)
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.project.remove_node(self.consolidate_auth)
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_change_title(self):
"""
"""
title_original = self.project.title
self.project.set_title('Blue Ordinary',
self.consolidate_auth,
save=True)
docs = query('category:project AND ' + title_original)['results']
assert_equal(len(docs), 0)
docs = query('category:project AND ' + self.project.title)['results']
assert_equal(len(docs), 1)
def test_add_tags(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
self.project.add_tag(tag, self.consolidate_auth, save=True)
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 1)
def test_remove_tag(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
self.project.remove_tag(tag, self.consolidate_auth, save=True)
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
def test_update_wiki(self):
"""Add text to a wiki page, then verify that project is found when
searching for wiki text.
"""
wiki_content = {'home': 'Hammer to fall', 'swag': '#YOLO'}
for key, value in wiki_content.items():
docs = query(value)['results']
assert_equal(len(docs), 0)
self.project.update_node_wiki(
key,
value,
self.consolidate_auth,
)
docs = query(value)['results']
assert_equal(len(docs), 1)
def test_clear_wiki(self):
"""Add wiki text to page, then delete, then verify that project is not
found when searching for wiki text.
"""
wiki_content = 'Hammer to fall'
self.project.update_node_wiki(
'home',
wiki_content,
self.consolidate_auth,
)
self.project.update_node_wiki('home', '', self.consolidate_auth)
docs = query(wiki_content)['results']
assert_equal(len(docs), 0)
def test_add_contributor(self):
"""Add a contributor, then verify that project is found when searching
for contributor.
"""
user2 = UserFactory(fullname='Adam Lambert')
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.add_contributor(user2, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 1)
def test_remove_contributor(self):
"""Add and remove a contributor, then verify that project is not found
when searching for contributor.
"""
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2, save=True)
self.project.remove_contributor(user2, self.consolidate_auth)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
def test_hide_contributor(self):
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2)
self.project.set_visible(user2, False, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.set_visible(user2, True, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 1)
def test_wrong_order_search(self):
title_parts = self.title.split(' ')
title_parts.reverse()
title_search = ' '.join(title_parts)
docs = query(title_search)['results']
assert_equal(len(docs), 3)
def test_tag_aggregation(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
docs = query(self.title)['tags']
assert len(docs) == 3
for doc in docs:
assert doc['key'] in tags
def test_count_aggregation(self):
docs = query("*")['counts']
assert_equal(docs['total'], 4)
assert_equal(docs['project'], 1)
assert_equal(docs['component'], 1)
assert_equal(docs['registration'], 1)
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.flask_app = SetEnvironMiddleware(self.app.app, REMOTE_ADDR='127.0.0.1')
self.test_app = webtest.TestApp(self.flask_app)
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = AddonGitHubOauthSettings(github_user_id='john')
self.oauth_settings.save()
self.user_addon.oauth_settings = self.oauth_settings
self.user_addon.oauth_access_token = 'secret'
self.user_addon.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems()
if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
def test_add_log(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = len(self.node.logs)
self.test_app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(len(self.node.logs), nlogs + 1)
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = len(self.node.logs)
res = self.test_app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth={'id': None})
nlogs = len(self.node.logs)
res = self.test_app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = len(node.logs)
res = self.test_app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(node.logs), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = len(self.node.logs)
res = self.test_app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(len(self.node.logs), nlogs)
class TestAddonCount(OsfTestCase):
def setUp(self):
super(TestAddonCount, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.external_account = GitHubAccountFactory(display_name='hmoco1')
self.user_settings = self.user.get_or_add_addon('github')
self.user_settings.save()
self.user.external_accounts.append(self.external_account)
self.user.save()
self.node.add_addon('github', Auth(self.user))
self.node_addon = self.node.get_addon('github')
self.node_addon.user = self.user.fullname
self.node_addon.repo = '29 #Strafford APTS'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.external_account
self.node_addon.save()
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
def tearDown(self):
GitHubNodeSettings.remove()
GitHubUserSettings.remove()
GoogleDriveNodeSettings.remove()
GoogleDriveUserSettings.remove()
def test_run_for_all_addon(self):
results = AddonSnapshot().get_events()
names = [res['provider']['name'] for res in results]
for addon in ADDONS_AVAILABLE:
assert_in(addon.short_name, names)
def test_one_user_one_node_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_one_node_one_addon_one_node_linked(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_with_multiple_githubs(self):
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
self.user.external_accounts.append(oauth_settings2)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
def test_one_user_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 0)
self.user.add_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.append(oauth_settings)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 1)
def test_many_users_each_with_a_different_github(self):
user = AuthUserFactory()
user.add_addon('github')
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
user.external_accounts.append(oauth_settings2)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_many_users_each_with_the_same_github_enabled(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.append(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
def test_github_enabled_not_linked_or_authorized(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.append(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_one_node_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 0)
self.user.add_addon('googledrive')
user_addon = self.user.get_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.append(oauth_settings)
self.user.save()
self.node.add_addon('googledrive', Auth(self.user))
node_addon = self.node.get_addon('googledrive')
node_addon.user = self.user.fullname
node_addon.user_settings = user_addon
node_addon.external_account = oauth_settings
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 1)
def test_many_nodes_with_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['total'], 1)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.user = self.user.fullname
node_addon.repo = '8 (circle)'
node_addon.user_settings = self.user_addon
node_addon.external_account = self.external_account
node_addon.save()
node.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['total'], 2)
def test_node_count_deleted_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['deleted'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.delete()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['deleted'], 1)
def test_node_count_disconected_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['disconnected'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.external_account = None
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['disconnected'], 1)
def test_all_users_have_wiki_osfstorage_enabled(self):
all_user_count = User.find().count()
results = AddonSnapshot().get_events()
osfstorage_res = [
res for res in results if res['provider']['name'] == 'osfstorage'
][0]
wiki_res = [
res for res in results if res['provider']['name'] == 'osfstorage'
][0]
assert_equal(osfstorage_res['users']['enabled'], all_user_count)
assert_equal(wiki_res['users']['enabled'], all_user_count)
def test_wiki_deleted_shows_as_deleted(self):
node = ProjectFactory(creator=self.user)
node.delete_addon('wiki', auth=Auth(self.user))
results = AddonSnapshot().get_events()
wiki_res = [
res for res in results if res['provider']['name'] == 'wiki'
][0]
assert_equal(wiki_res['nodes']['deleted'], 1)
def test_node_settings_has_no_owner_not_connected(self):
self.node_addon.owner = None
self.node_addon.save()
results = AddonSnapshot().get_events()
storage_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(storage_res['nodes']['connected'], 0)
def test_bookmark_collection_not_counted(self):
all_node_count = Node.find().count()
results = AddonSnapshot().get_events()
storage_res = [
res for res in results if res['provider']['name'] == 'osfstorage'
][0]
assert_equal(storage_res['nodes']['connected'], all_node_count - 1)
class RegistrationEmbargoViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
ensure_schemas()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project,
creator=self.user)
current_month = datetime.datetime.now().strftime("%B")
current_year = datetime.datetime.now().strftime("%Y")
self.valid_make_public_payload = json.dumps({
u'embargoEndDate':
u'Fri, 01, {month} {year} 00:00:00 GMT'.format(month=current_month,
year=current_year),
u'registrationChoice':
'immediate',
u'summary':
unicode(fake.sentence())
})
valid_date = datetime.datetime.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps({
u'embargoEndDate':
unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice':
'embargo',
u'summary':
unicode(fake.sentence())
})
self.invalid_embargo_date_payload = json.dumps({
u'embargoEndDate':
u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month, year=str(int(current_year) - 1)),
u'registrationChoice':
'embargo',
u'summary':
unicode(fake.sentence())
})
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_immediately_creates_registration_approval(
self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth)
assert_equal(res.status_code, 201)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_not_equal(registration.registration_approval, None)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_does_not_make_children_public(
self, mock_enqueue):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
subproject = ProjectFactory(creator=self.user,
parent=self.project,
title='Subproject')
subproject_component = NodeFactory(creator=self.user,
parent=subproject,
title='Subcomponent')
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth)
self.project.reload()
# Last node directly registered from self.project
registration = Node.load(self.project.node__registrations[-1])
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_embargo_is_not_public(self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth)
assert_equal(res.status_code, 201)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(
self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.invalid_embargo_date_payload,
content_type='application/json',
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_valid_POST_embargo_adds_to_parent_projects_log(
self, mock_enquque):
initial_project_logs = len(self.project.logs)
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth)
self.project.reload()
# Logs: Created, registered, embargo initiated
assert_equal(len(self.project.logs), initial_project_logs + 1)
def test_non_contributor_GET_approval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project',
token=approval_token)
res = self.app.get(approval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
def test_non_contributor_GET_disapproval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
approval_url = self.registration.web_url_for('view_project',
token=rejection_token)
res = self.app.get(approval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
class TestAddonFileViews(OsfTestCase):
def setUp(self):
super(TestAddonFileViews, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.project.add_addon('github', auth=Auth(self.user))
self.user_addon = self.user.get_addon('github')
self.node_addon = self.project.get_addon('github')
self.oauth = AddonGitHubOauthSettings(
github_user_id='denbarell',
oauth_access_token='Truthy'
)
self.oauth.save()
self.user_addon.oauth_settings = self.oauth
self.user_addon.save()
self.node_addon.user_settings = self.user_addon
self.node_addon.save()
# self.node_addon.user_settings = 'Truthy'
# setattr(self.node_addon, 'has_auth', True)
def get_mako_return(self):
ret = serialize_node(self.project, Auth(self.user), primary=True)
ret.update({
'extra': '',
'provider': '',
'rendered': '',
'file_path': '',
'files_url': '',
'file_name': '',
'render_url': '',
'materialized_path': '',
})
ret.update(rubeus.collect_addon_assets(self.project))
return ret
def test_redirects_to_guid(self):
path = 'bigdata'
guid, _ = self.node_addon.find_or_create_file_guid('/' + path)
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github'
),
auth=self.user.auth
)
assert_equals(resp.status_code, 302)
assert_equals(resp.headers['Location'], 'http://*****:*****@mock.patch('website.addons.base.request')
def test_public_download_url_includes_view_only(self, mock_request):
view_only = 'justworkplease'
mock_request.args = {
'view_only': view_only
}
path = 'cloudfiles'
guid, _ = self.node_addon.find_or_create_file_guid('/' + path)
assert_in('view_only={}'.format(view_only), guid.public_download_url)
@mock.patch('website.addons.base.views.addon_view_file')
def test_action_view_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
path = 'cloudfiles'
mock_view_file.return_value = self.get_mako_return()
guid, _ = self.node_addon.find_or_create_file_guid('/' + path)
self.app.get(guid.guid_url + '?action=view', auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[-1], {'action': 'view'})
assert_equals(args[1], self.project)
assert_equals(args[0].user, self.user)
assert_equals(args[2], self.node_addon)
@mock.patch('website.addons.base.views.addon_view_file')
def test_no_action_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
path = 'cloudfiles'
mock_view_file.return_value = self.get_mako_return()
guid, _ = self.node_addon.find_or_create_file_guid('/' + path)
self.app.get(guid.guid_url, auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[-1], {})
assert_equals(args[1], self.project)
assert_equals(args[0].user, self.user)
assert_equals(args[2], self.node_addon)
def test_download_create_guid(self):
path = 'cloudfiles'
self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth
)
guid, created = self.node_addon.find_or_create_file_guid('/' + path)
assert_true(guid)
assert_false(created)
assert_equals(guid.waterbutler_path, '/' + path)
def test_unauthorized_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 403)
def test_head_returns_url(self):
path = 'the little engine that couldnt'
guid, _ = self.node_addon.find_or_create_file_guid('/' + path)
download_url = furl.furl(guid.download_url)
download_url.args['accept_url'] = 'false'
resp = self.app.head(guid.guid_url, auth=self.user.auth)
assert_urls_equal(resp.headers['Location'], download_url.url)
def test_nonexistent_addons_raise(self):
path = 'cloudfiles'
self.project.delete_addon('github', Auth(self.user))
self.project.save()
resp = self.app.get(
self.project.api_url_for(
'addon_render_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
def test_unauth_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.api_url_for(
'addon_render_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 401)
def test_unconfigured_addons_raise(self):
path = 'cloudfiles'
self.node_addon.repo = None
self.node_addon.save()
resp = self.app.get(
self.project.api_url_for(
'addon_render_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
