def test_user_can_not_verify_other_token(self):
u1 = UserFactory()
v1 = VerificationFactory(user=u1)
u2 = UserFactory()
VerificationFactory(user=u2)
form = ConfirmEmailForm(
user=u2,
token=v1.token,
data={"token": v1.token},
)
assert not form.is_valid()
assert ["Token is invalid"] == form.errors["token"]
def test_algorithm_update_contains_repo_name(client, uploaded_image):
# The algorithm creator should automatically get added to the editors group
creator = get_algorithm_creator()
VerificationFactory(user=creator, is_verified=True)
response = get_view_for_user(
viewname="algorithms:create",
client=client,
method=client.get,
follow=True,
user=creator,
)
assert response.status_code == 200
assert "repo_name" not in response.rendered_content
alg = AlgorithmFactory()
alg.add_editor(user=creator)
response = get_view_for_user(
viewname="algorithms:update",
client=client,
method=client.get,
reverse_kwargs={"slug": alg.slug},
follow=True,
user=creator,
)
assert response.status_code == 200
assert "repo_name" in response.rendered_content
def test_can_only_create_one_validation(self):
u = UserFactory()
VerificationFactory(user=u)
form = VerificationForm(user=u, data={"email": u.email, "user": u})
assert ["You have already made a verification request"
] == form.errors["__all__"]
def test_user_with_verification(self, is_verified):
user = UserFactory()
VerificationFactory(user=user, is_verified=is_verified)
form = SubmissionForm(user=user,
creator_must_be_verified=True,
data={"creator": user})
assert bool("creator" in form.errors) is not is_verified
def test_user_can_not_verify_other_token(self):
call_command("check_permissions")
u1 = UserenaSignup.objects.create_user(
"userena", "*****@*****.**", "testpassword", active=True
)
v1 = VerificationFactory(user=u1)
u2 = UserenaSignup.objects.create_user(
"userena2", "*****@*****.**", "testpassword", active=True
)
VerificationFactory(user=u2)
form = ConfirmEmailForm(
user=u2, token=v1.token, data={"token": v1.token},
)
assert not form.is_valid()
assert ["Token is invalid"] == form.errors["token"]
def test_cannot_make_validation_with_other_validation_email(self):
call_command("check_permissions")
u = UserenaSignup.objects.create_user(
"userena", "*****@*****.**", "testpassword", active=True
)
v = VerificationFactory(user=u)
form = VerificationForm(user=UserFactory(), data={"email": v.email})
assert ["This email is already in use"] == form.errors["email"]
def test_user_can_verify(self):
user = UserFactory()
verification = VerificationFactory(user=user)
form = ConfirmEmailForm(
user=user,
token=verification.token,
data={"token": verification.token},
)
assert form.is_valid()
def workstation_set():
ws = WorkstationFactory()
wsi = WorkstationImageFactory(workstation=ws)
e, u, u1 = UserFactory(), UserFactory(), UserFactory()
for user in [e, u, u1]:
VerificationFactory(user=user, is_verified=True)
wss = WorkstationSet(workstation=ws, editor=e, user=u, user1=u1, image=wsi)
wss.workstation.add_editor(user=e)
wss.workstation.add_user(user=u)
return wss
def test_can_only_create_one_validation(self):
call_command("check_permissions")
u = UserenaSignup.objects.create_user(
"userena", "*****@*****.**", "testpassword", active=True
)
VerificationFactory(user=u)
form = VerificationForm(user=u, data={"email": u.email, "user": u})
assert ["You have already made a verification request"] == form.errors[
"__all__"
]
def test_user_with_verification(self, is_verified):
call_command("check_permissions")
user = UserenaSignup.objects.create_user("userena",
"*****@*****.**",
"testpassword",
active=True)
VerificationFactory(user=user, is_verified=is_verified)
form = SubmissionForm(user=user,
creator_must_be_verified=True,
data={"creator": user})
assert bool("creator" in form.errors) is not is_verified
def test_user_can_verify(self):
call_command("check_permissions")
user = UserenaSignup.objects.create_user(
"userena", "*****@*****.**", "testpassword", active=True
)
verification = VerificationFactory(user=user)
form = ConfirmEmailForm(
user=user,
token=verification.token,
data={"token": verification.token},
)
assert form.is_valid()
def test_user_can_not_verify_other_token(self, settings):
settings.task_eager_propagates = (True, )
settings.task_always_eager = (True, )
u1 = UserFactory()
v1 = VerificationFactory(user=u1)
u2 = UserFactory()
form = ConfirmEmailForm(user=u2,
token=v1.token,
data={"token": v1.token})
assert not form.is_valid()
assert ["Token is invalid"] == form.errors["token"]
u1.refresh_from_db()
u2.refresh_from_db()
v1.refresh_from_db()
assert u1.is_active is True
assert u2.is_active is False
assert v1.is_verified is None
def test_can_upload_more_verified(settings):
user = UserFactory()
upload = UserUpload.objects.create(creator=user)
presigned_urls = upload.generate_presigned_urls(part_numbers=[1])
put(presigned_urls["1"], data=b"123")
settings.UPLOADS_MAX_SIZE_UNVERIFIED = 2
assert upload.can_upload_more is False
VerificationFactory(user=user, is_verified=True)
assert upload.can_upload_more is True
settings.UPLOADS_MAX_SIZE_VERIFIED = 2
assert upload.can_upload_more is False
def test_redirect_view(get, post, client):
resp = Response()
resp.status_code = 200
resp.headers["Content-Type"] = "application/json"
resp._content = b'{"access_token": "tok", "expires_in": "3600", "refresh_token": "ref", "refresh_token_expires_in":"7200", "id": 1}'
post.return_value = resp
get.return_value = resp
user = UserFactory()
response = get_view_for_user(
client=client,
viewname="github:install-complete",
data={"state": "None"},
user=user,
)
assert response.status_code == 404
error_msg = (
'<div class="mb-2">Unfortunately something went wrong while trying '
"to find the requested algorithm.</div><div>If you were trying to "
"link a github repository to an algorithm, please do so manually in "
"the algorithm's settings.</div>")
assert error_msg in response.content.decode("utf-8")
alg = AlgorithmFactory()
alg.add_editor(user)
response = get_view_for_user(
client=client,
viewname="github:install-complete",
data={"state": alg.slug},
user=user,
follow=True,
)
# User is not verified
assert response.status_code == 403
VerificationFactory(user=user, is_verified=True)
response = get_view_for_user(
client=client,
viewname="github:install-complete",
data={"state": alg.slug},
user=user,
follow=True,
)
assert response.status_code == 200
assert f"Add GitHub repository to {alg.title}" in response.rendered_content
def test_algorithm_create(client, uploaded_image):
# The algorithm creator should automatically get added to the editors group
creator = get_algorithm_creator()
VerificationFactory(user=creator, is_verified=True)
ws = WorkstationFactory()
ci = ComponentInterface.objects.get(slug="generic-medical-image")
def try_create_algorithm():
return get_view_for_user(
viewname="algorithms:create",
client=client,
method=client.post,
data={
"title": "foo bar",
"logo": uploaded_image(),
"workstation": ws.pk,
"credits_per_job": 1,
"image_requires_gpu": False,
"image_requires_memory_gb": 4,
"inputs": [ci.pk],
"outputs": [ComponentInterfaceFactory().pk],
"contact_email": creator.email,
"display_editors": True,
"access_request_handling": AccessRequestHandlingOptions.MANUAL_REVIEW,
"view_content": "{}",
},
follow=True,
user=creator,
)
response = try_create_algorithm()
assert "error_1_id_workstation" in response.rendered_content
# The editor must have view permissions for the workstation to add it
ws.add_user(user=creator)
response = try_create_algorithm()
assert "error_1_id_workstation" not in response.rendered_content
assert response.status_code == 200
alg = Algorithm.objects.get(title="foo bar")
assert alg.slug == "foo-bar"
assert alg.is_editor(user=creator)
assert not alg.is_user(user=creator)
assert is_following(user=creator, obj=alg)
def test_algorithm_image_create_detail(client):
user = UserFactory()
VerificationFactory(user=user, is_verified=True)
algorithm = AlgorithmFactory()
algorithm.add_editor(user)
algorithm_image = UserUploadFactory(filename="test_image.tar.gz",
creator=user)
algorithm_image.status = algorithm_image.StatusChoices.COMPLETED
algorithm_image.save()
response = get_view_for_user(
client=client,
viewname="algorithms:image-create",
reverse_kwargs={"slug": algorithm.slug},
user=user,
)
assert response.status_code == 200
assert AlgorithmImage.objects.all().count() == 0
response = get_view_for_user(
client=client,
method=client.post,
viewname="algorithms:image-create",
reverse_kwargs={"slug": algorithm.slug},
user=user,
data={
"user_upload": algorithm_image.pk,
"requires_memory_gb": 24,
"creator": user.pk,
"algorithm": algorithm.pk,
},
)
assert response.status_code == 302
images = AlgorithmImage.objects.all()
assert len(images) == 1
assert images[0].algorithm == algorithm
assert response.url == reverse(
"algorithms:image-detail",
kwargs={
"slug": algorithm.slug,
"pk": images[0].pk
},
)
def test_autocomplete_for_verified_email(self, client):
archive = ArchiveFactory()
admin = UserFactory()
archive.add_editor(admin)
user = UserFactory()
VerificationFactory(user=user, is_verified=True)
response = get_view_for_user(
client=client,
viewname="users-autocomplete",
user=admin,
data={"q": user.verification.email},
)
assert response.status_code == 200
assert str(user.pk) in response.json()["results"][0]["id"]
def test_workstationimage_create(client):
u2 = UserFactory()
VerificationFactory(user=u2, is_verified=True)
w1 = WorkstationFactory()
w2 = WorkstationFactory()
w2.add_editor(user=u2)
user_upload = UserUploadFactory(filename="test_image.tar.gz", creator=u2)
user_upload.status = user_upload.StatusChoices.COMPLETED
user_upload.save()
assert w1.workstationimage_set.count() == 0
assert w2.workstationimage_set.count() == 0
response = get_view_for_user(
client=client,
method=client.post,
viewname="workstations:image-create",
reverse_kwargs={"slug": w2.slug},
user=u2,
data={
"user_upload": user_upload.pk,
"creator": u2.pk,
"workstation": w2.pk,
"initial_path": "a",
"websocket_port": 1337,
"http_port": 1234,
},
)
assert response.status_code == 302
w1.refresh_from_db()
w2.refresh_from_db()
assert w1.workstationimage_set.count() == 0
w2_images = w2.workstationimage_set.all()
assert len(w2_images) == 1
assert w2_images[0].creator == u2
assert w2_images[0].websocket_port == 1337
assert w2_images[0].http_port == 1234
assert w2_images[0].user_upload == user_upload
assert w2_images[0].initial_path == "a"
def test_autocomplete_filter_options(self, client, filter, is_verified):
archive = ArchiveFactory()
admin = UserFactory()
archive.add_editor(admin)
first_name = "Jane"
last_name = "Doe"
if is_verified:
u = UserFactory()
VerificationFactory(user=u, is_verified=True)
u.first_name = first_name
u.last_name = last_name
u.save()
else:
u = UserFactory(first_name=first_name, last_name=last_name)
u.full_name = u.get_full_name().title()
filter_criterion = getattr(u, filter)
def get_user_autocomplete():
return get_view_for_user(
client=client,
viewname="users-autocomplete",
user=admin,
data={"q": filter_criterion},
)
response = get_user_autocomplete()
assert response.status_code == 200
assert str(u.pk) in response.json()["results"][0]["id"]
assert (
html_escape(str(u.user_profile.get_mugshot_url()))
in response.json()["results"][0]["text"]
)
assert u.username in response.json()["results"][0]["text"]
assert u.get_full_name() in response.json()["results"][0]["text"]
if is_verified:
assert (
u.verification.email.split("@")[1]
in response.json()["results"][0]["text"]
)
def test_autocomplete_for_verified_email(self, client):
archive = ArchiveFactory()
admin = UserFactory()
archive.add_editor(admin)
call_command("check_permissions")
user = UserenaSignup.objects.create_user("userena",
"*****@*****.**",
"testpassword",
active=True)
VerificationFactory(user=user, is_verified=True)
response = get_view_for_user(
client=client,
viewname="users-autocomplete",
user=admin,
data={"q": user.verification.email},
)
assert response.status_code == 200
assert str(user.pk) in response.json()["results"][0]["id"]
def test_github_webhook(client, settings):
settings.GITHUB_WEBHOOK_SECRET = "secret"
user = UserFactory()
VerificationFactory(user=user, is_verified=True)
token = GitHubUserTokenFactory(user=user)
data = {"test": "test", "sender": {"id": token.github_user_id}}
signature = hmac.new(
bytes(settings.GITHUB_WEBHOOK_SECRET, encoding="utf8"),
msg=json.dumps(data).encode(),
digestmod=hashlib.sha256,
).hexdigest()
signature = f"sha256={signature}"
assert GitHubWebhookMessage.objects.count() == 0
response = get_view_for_user(
client=client,
method=client.post,
user=user,
viewname="api:github-webhook",
data=data,
content_type="application/json",
HTTP_X_HUB_SIGNATURE_256=signature[:-1],
)
assert response.status_code == 403
assert GitHubWebhookMessage.objects.count() == 0
response = get_view_for_user(
client=client,
method=client.post,
user=user,
viewname="api:github-webhook",
data=data,
content_type="application/json",
HTTP_X_HUB_SIGNATURE_256=signature,
)
assert response.status_code == 200
assert GitHubWebhookMessage.objects.count() == 1
def test_permission_required_views(self, client):
ai = AlgorithmImageFactory(ready=True)
s = RawImageUploadSessionFactory()
u = UserFactory()
j = AlgorithmJobFactory(algorithm_image=ai)
p = AlgorithmPermissionRequestFactory(algorithm=ai.algorithm)
VerificationFactory(user=u, is_verified=True)
for view_name, kwargs, permission, obj, redirect in [
("create", {}, "algorithms.add_algorithm", None, None),
(
"detail",
{"slug": ai.algorithm.slug},
"view_algorithm",
ai.algorithm,
reverse(
"algorithms:permission-request-create",
kwargs={"slug": ai.algorithm.slug},
),
),
(
"update",
{"slug": ai.algorithm.slug},
"change_algorithm",
ai.algorithm,
None,
),
(
"image-create",
{"slug": ai.algorithm.slug},
"change_algorithm",
ai.algorithm,
None,
),
(
"image-detail",
{"slug": ai.algorithm.slug, "pk": ai.pk},
"view_algorithmimage",
ai,
None,
),
(
"image-update",
{"slug": ai.algorithm.slug, "pk": ai.pk},
"change_algorithmimage",
ai,
None,
),
(
"execution-session-create-batch",
{"slug": ai.algorithm.slug},
"execute_algorithm",
ai.algorithm,
None,
),
(
"execution-session-create",
{"slug": ai.algorithm.slug},
"execute_algorithm",
ai.algorithm,
None,
),
(
"execution-session-detail",
{"slug": ai.algorithm.slug, "pk": s.pk},
"view_rawimageuploadsession",
s,
None,
),
(
"job-experiment-detail",
{"slug": ai.algorithm.slug, "pk": j.pk},
"view_job",
j,
None,
),
(
"job-detail",
{"slug": ai.algorithm.slug, "pk": j.pk},
"view_job",
j,
None,
),
(
"job-update",
{"slug": ai.algorithm.slug, "pk": j.pk},
"change_job",
j,
None,
),
(
"job-viewers-update",
{"slug": ai.algorithm.slug, "pk": j.pk},
"change_job",
j,
None,
),
(
"editors-update",
{"slug": ai.algorithm.slug},
"change_algorithm",
ai.algorithm,
None,
),
(
"users-update",
{"slug": ai.algorithm.slug},
"change_algorithm",
ai.algorithm,
None,
),
(
"permission-request-update",
{"slug": ai.algorithm.slug, "pk": p.pk},
"change_algorithm",
ai.algorithm,
None,
),
]:
def _get_view():
return get_view_for_user(
client=client,
viewname=f"algorithms:{view_name}",
reverse_kwargs=kwargs,
user=u,
)
response = _get_view()
if redirect is not None:
assert response.status_code == 302
assert response.url == redirect
else:
assert response.status_code == 403
assign_perm(permission, u, obj)
response = _get_view()
assert response.status_code == 200
remove_perm(permission, u, obj)
def test_permission_required_views(self, client):
e = EvaluationFactory()
u = UserFactory()
VerificationFactory(user=u, is_verified=True)
for view_name, kwargs, permission, obj in [
(
"phase-create",
{},
"change_challenge",
e.submission.phase.challenge,
),
(
"phase-update",
{
"slug": e.submission.phase.slug
},
"change_phase",
e.submission.phase,
),
(
"method-create",
{},
"change_challenge",
e.submission.phase.challenge,
),
("method-detail", {
"pk": e.method.pk
}, "view_method", e.method),
(
"submission-create",
{
"slug": e.submission.phase.slug
},
"create_phase_submission",
e.submission.phase,
),
(
"submission-create-legacy",
{
"slug": e.submission.phase.slug
},
"change_challenge",
e.submission.phase.challenge,
),
(
"submission-detail",
{
"pk": e.submission.pk
},
"view_submission",
e.submission,
),
("update", {
"pk": e.pk
}, "change_evaluation", e),
("detail", {
"pk": e.pk
}, "view_evaluation", e),
]:
response = get_view_for_user(
client=client,
viewname=f"evaluation:{view_name}",
reverse_kwargs={
"challenge_short_name":
e.submission.phase.challenge.short_name,
**kwargs,
},
user=u,
)
assert response.status_code == 403
assign_perm(permission, u, obj)
response = get_view_for_user(
client=client,
viewname=f"evaluation:{view_name}",
reverse_kwargs={
"challenge_short_name":
e.submission.phase.challenge.short_name,
**kwargs,
},
user=u,
)
assert response.status_code == 200
remove_perm(permission, u, obj)
def test_cannot_make_validation_with_other_validation_email(self):
u = UserFactory()
v = VerificationFactory(user=u)
form = VerificationForm(user=UserFactory(), data={"email": v.email})
assert ["This email is already in use"] == form.errors["email"]