Ejemplo n.º 1
0
class ProcessTagCleanupsTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.superuser = self.user_factory.create(is_superuser=True)
        self.user = self.user_factory.create()
        self.tag_cleanups = TagCleanup.objects.bulk_create([
            TagCleanup(old_name='foo', new_name='bar'),
            TagCleanup(old_name='foo', new_name='baz')
        ])

    def test_process_tagcleanups_permission(self):
        self.client.login(username=self.user.username, password=self.user_factory.password)

        # Users without process_tagcleanup permission should not be able to use the route
        response = self.client.post(TagCleanup.process_url())
        self.assertEqual(response.status_code, 403)
        self.assertEqual(TagCleanup.objects.filter(transaction_id__isnull=True).count(), 2)

        # Superusers can call the process route to process tag cleanups
        self.client.login(username=self.superuser.username, password=self.user_factory.password)
        response = self.client.post(TagCleanup.process_url(), data={'action': 'process'})
        self.assertEqual(response.status_code, 302)
        self.assertEqual(TagCleanup.objects.filter(transaction_id__isnull=True).count(), 0)

    def test_no_delete_permission_on_inactive_tagcleanups(self):
        tag_cleanup = TagCleanup.objects.get(new_name='bar')
        ph = TagCleanupPermissionHelper(TagCleanup)
        self.assertIsNone(tag_cleanup.transaction_id)
        self.assertTrue(ph.user_can_delete_obj(self.superuser, tag_cleanup))
        TagCleanup.objects.process()
        tag_cleanup = TagCleanup.objects.get(new_name='bar')
        self.assertIsNotNone(tag_cleanup.transaction_id)
        self.assertFalse(ph.user_can_delete_obj(self.superuser, tag_cleanup))
Ejemplo n.º 2
0
 def setUp(self):
     self.user_factory = UserFactory()
     submitter = self.user_factory.create()
     self.create_representative_users(submitter)
     self.instance_factory = CodebaseFactory(submitter=submitter)
     self.instance = self.instance_factory.create()
     self.instance.create_release(live=True, draft=False, initialize=False)
Ejemplo n.º 3
0
 def setUp(self):
     user_factory = UserFactory()
     self.submitter = user_factory.create()
     self.profile = self.submitter.member_profile
     self.profile.personal_url = 'https://geocities.com/{}'.format(
         self.submitter.username)
     self.profile.save()
Ejemplo n.º 4
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.superuser = self.user_factory.create(is_superuser=True)
     self.user = self.user_factory.create()
     self.tag_cleanups = TagCleanup.objects.bulk_create([
         TagCleanup(old_name='foo', new_name='bar'),
         TagCleanup(old_name='foo', new_name='baz')
     ])
Ejemplo n.º 5
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.submitter = self.user_factory.create(username='******')
     self.other_user = self.user_factory.create(username='******')
     codebase_factory = CodebaseFactory(submitter=self.submitter)
     self.codebase = codebase_factory.create()
     self.codebase_release = self.codebase.create_release(draft=False,
                                                          initialize=False)
     self.path = self.codebase_release.get_list_url()
Ejemplo n.º 6
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.submitter = self.user_factory.create(username='******')
     self.superuser = self.user_factory.create(username='******',
                                               is_superuser=True)
     self.other_user = self.user_factory.create(username='******')
     codebase_factory = CodebaseFactory(submitter=self.submitter)
     self.codebase = codebase_factory.create()
     self.codebase_release = self.codebase.create_release(draft=False,
                                                          initialize=False)
Ejemplo n.º 7
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.submitter = self.user_factory.create()
     codebase_factory = CodebaseFactory(submitter=self.submitter)
     self.codebase = codebase_factory.create()
     # Want to test get_fs_api creates the file system even if file system is not initialized properly
     self.codebase_release = self.codebase.create_release(initialize=False)
     contributor_factory = ContributorFactory(user=self.submitter)
     self.contributor = contributor_factory.create()
     self.release_contributor_factory = ReleaseContributorFactory(
         codebase_release=self.codebase_release)
Ejemplo n.º 8
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.user = self.user_factory.create()
     self.codebase_factory = CodebaseFactory(self.user)
     self.codebase = self.codebase_factory.create()
     self.event_factory = EventFactory(self.user)
     self.event = self.event_factory.create()
     self.job_factory = JobFactory(self.user)
     self.job = self.job_factory.create()
     tag = Tag(name='a random tag')
     tag.save()
Ejemplo n.º 9
0
    def setUp(self):
        user_factory = UserFactory()
        self.submitter = user_factory.create()
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        contributor_factory = ContributorFactory(user=self.submitter)
        contributor = contributor_factory.create(user=self.submitter)

        self.codebase = codebase_factory.create(submitter=self.submitter)
        self.codebase_release = self.codebase.create_release(initialize=False)
        release_contributor_factory = ReleaseContributorFactory(
            codebase_release=self.codebase_release)
        release_contributor_factory.create(contributor=contributor)
Ejemplo n.º 10
0
class CodebaseReleaseViewSetTestCase(BaseViewSetTestCase):
    _view = CodebaseReleaseViewSet

    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create(username='******')
        self.other_user = self.user_factory.create(username='******')
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = codebase_factory.create()
        self.codebase_release = self.codebase.create_release(draft=False,
                                                             initialize=False)
        self.path = self.codebase_release.get_list_url()

    def test_release_creation_only_if_codebase_change_permission(self):
        response = self.client.post(path=self.path,
                                    format='json',
                                    HTTP_ACCEPT='application/json')
        self.assertResponsePermissionDenied(response)

        self.login(self.other_user, self.user_factory.password)
        response_other_user = self.client.post(path=self.path,
                                               data=None,
                                               HTTP_ACCEPT='application/json',
                                               format='json')
        self.assertResponsePermissionDenied(response_other_user)

        self.login(self.submitter, self.user_factory.password)
        response_submitter = self.client.post(path=self.path,
                                              HTTP_ACCEPT='application/json',
                                              format='json')
        self.assertResponseCreated(response_submitter)

    def test_destroy_method_not_allowed(self):
        path = self.codebase_release.get_absolute_url()

        response = self.client.delete(path=path)
        self.assertResponseMethodNotAllowed(response)

        self.client.login(username=self.other_user.username,
                          password=self.user_factory.password)
        response = self.client.delete(path=path,
                                      HTTP_ACCEPT='application/json')
        self.assertResponseMethodNotAllowed(response)

        self.client.login(username=self.submitter.username,
                          password=self.user_factory.password)
        response = self.client.delete(path=path,
                                      HTTP_ACCEPT='application/json')
        self.assertResponseMethodNotAllowed(response)
Ejemplo n.º 11
0
class WagtailAdminLoginTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.superuser = self.user_factory.create(is_superuser=True)
        self.staff = self.user_factory.create(is_staff=True)

    def assertLoginStatusCodeMatchForUser(self, user, status_code):
        success = self.client.login(username=user.username, password=self.user_factory.password)
        if success:
            response = self.client.get(reverse('wagtailadmin_home'))
            self.assertEqual(response.status_code, status_code)
        else:
            raise ValueError('login for user {} failed'.format(user))

    def test_regular_login(self):
        regular_user = self.user_factory.create()
        self.assertLoginStatusCodeMatchForUser(regular_user, status.HTTP_403_FORBIDDEN)

    def test_superuser_login(self):
        superuser = self.user_factory.create(is_superuser=True)
        self.assertLoginStatusCodeMatchForUser(superuser, status.HTTP_200_OK)

    def test_staff_login(self):
        staff = self.user_factory.create(is_staff=True)
        self.assertLoginStatusCodeMatchForUser(staff, status.HTTP_403_FORBIDDEN)

    def test_access_admin_login(self):
        content_type = ContentType.objects.get(model='admin')
        permission = Permission.objects.get(content_type=content_type, codename='access_admin')
        access_admin_user = self.user_factory.create()
        access_admin_user.user_permissions.add(permission)
        self.assertLoginStatusCodeMatchForUser(access_admin_user, status.HTTP_200_OK)
Ejemplo n.º 12
0
    def setUpReviewData(cls):
        cls.user_factory = UserFactory()
        cls.editor = cls.user_factory.create().member_profile
        cls.reviewer = cls.user_factory.create().member_profile
        cls.submitter = cls.user_factory.create()

        cls.codebase_factory = CodebaseFactory(cls.submitter)
        cls.codebase = cls.codebase_factory.create()
        cls.codebase_release = cls.codebase.create_release(initialize=False)
        cls.review_factory = PeerReviewFactory(
            submitter=cls.codebase.submitter.member_profile,
            codebase_release=cls.codebase_release)
        cls.review = cls.review_factory.create()
Ejemplo n.º 13
0
class TagCleanupTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.user = self.user_factory.create()
        self.codebase_factory = CodebaseFactory(self.user)
        self.codebase = self.codebase_factory.create()
        self.event_factory = EventFactory(self.user)
        self.event = self.event_factory.create()
        self.job_factory = JobFactory(self.user)
        self.job = self.job_factory.create()
        tag = Tag(name='a random tag')
        tag.save()

    def add_tags(self, tags):
        self.codebase.tags.add(*tags)
        self.codebase.save()
        self.event.tags.add(*tags)
        self.event.save()
        self.job.tags.add(*tags)
        self.job.save()

    def check_tag_name_presence(self, model, names):
        self.assertEqual(model.tags.filter(name__in=names).count(), len(names))

    def test_tag_many_to_many(self):
        old_tags = [Tag(name='abm'), Tag(name='agent based model (python)')]
        for t in old_tags:
            t.save()
        self.add_tags(old_tags)
        new_names = ['agent based model', 'python']
        for old_tag in old_tags:
            for new_name in new_names:
                TagCleanup.objects.create(new_name=new_name, old_name=old_tag.name)
        TagCleanup.objects.process()
        self.check_tag_name_presence(Event, new_names)
        self.check_tag_name_presence(Job, new_names)
        self.check_tag_name_presence(Codebase, new_names)

    def test_tag_delete(self):
        tag = Tag.objects.get(name='a random tag')
        self.add_tags([tag])
        new_names = []
        # Empty string new_value is a sentinel value for deletion
        TagCleanup.objects.create(old_name='a random tag', new_name='')
        TagCleanup.objects.process()
        self.assertEqual(Tag.objects.count(), 0)
        self.check_tag_name_presence(Event, new_names)
        self.check_tag_name_presence(Job, new_names)
        self.check_tag_name_presence(Codebase, new_names)
Ejemplo n.º 14
0
class CodebaseReleaseDraftViewTestCase(ApiAccountMixin,
                                       ResponseStatusCodesMixin, TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create(username='******')
        self.other_user = self.user_factory.create(username='******')
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = codebase_factory.create()
        self.codebase_release = self.codebase.create_release(draft=False,
                                                             live=False,
                                                             initialize=False)
        self.path = self.codebase.get_draft_url()

    def test_release_creation_only_if_codebase_change_permission(self):
        response = self.client.post(path=self.path)
        self.assertResponsePermissionDenied(response)

        self.login(self.other_user, self.user_factory.password)
        response_other_user = self.client.post(path=self.path)
        self.assertResponsePermissionDenied(response_other_user)

        self.login(self.submitter, self.user_factory.password)
        response_submitter = self.client.post(path=self.path)
        self.assertResponseFound(response_submitter)
Ejemplo n.º 15
0
class ArchiveExtractorTestCase(TestCase):
    nestedcode_folder_name = 'library/tests/archives/nestedcode'

    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create()
        self.codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = self.codebase_factory.create()
        self.codebase_release = self.codebase.create_release()

    def test_zipfile_saving(self):
        fs_api = self.codebase_release.get_fs_api()
        msgs = import_archive(codebase_release=self.codebase_release,
                              nestedcode_folder_name=self.nestedcode_folder_name,
                              fs_api=fs_api)
        logs, level = msgs.serialize()
        self.assertEquals(level, MessageLevels.warning)
        self.assertEquals(len(logs), 2)
        self.assertEqual(set(fs_api.list(StagingDirectories.originals, FileCategoryDirectories.code)),
                         {'nestedcode.zip'})
        # Notice that .DS_Store and .svn folder file are eliminated
        self.assertEqual(set(fs_api.list(StagingDirectories.sip, FileCategoryDirectories.code)),
                         {'src/ex.py', 'README.md'})
        fs_api.get_or_create_sip_bag(self.codebase_release.bagit_info)
        fs_api.clear_category(FileCategoryDirectories.code)
        self.assertEqual(set(fs_api.list(StagingDirectories.originals, FileCategoryDirectories.code)),
                         set())
        self.assertEqual(set(fs_api.list(StagingDirectories.sip, FileCategoryDirectories.code)),
                         set())

    def test_invalid_zipfile_saving(self):
        archive_name = 'library/tests/archives/invalid.zip'
        fs_api = self.codebase_release.get_fs_api()
        with open(archive_name, 'rb') as f:
            msgs = fs_api.add(FileCategoryDirectories.code, content=f, name="invalid.zip")
        logs, level = msgs.serialize()
        self.assertEquals(level, MessageLevels.error)
        self.assertEquals(len(logs), 1)

    @classmethod
    def tearDownClass(cls):
        super().tearDownClass()
        if os.path.exists(cls.nestedcode_folder_name):
            os.remove("{}.zip".format(cls.nestedcode_folder_name))
Ejemplo n.º 16
0
class EventSerializerTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.user = self.user_factory.create()
        self.event_factory = EventFactory(submitter=self.user)

    def test_start_date_lth_end_date(self):
        event = self.event_factory.create_unsaved()
        dt = datetime.now() + timedelta(days=1)
        event.start_date = dt
        event.end_date = dt

        serialized_event = EventSerializer(event).data
        with self.assertRaises(ValidationError):
            deserialized_event = EventSerializer(data=serialized_event)
            deserialized_event.is_valid(raise_exception=True)

        event.end_date = event.start_date + timedelta(days=1)
        serialized_event = EventSerializer(event).data
        deserialized_event = EventSerializer(data=serialized_event)
        deserialized_event.is_valid(raise_exception=True)
Ejemplo n.º 17
0
class WagtailAdminLoginTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.superuser = self.user_factory.create(is_superuser=True)
        self.staff = self.user_factory.create(is_staff=True)

    def assertLoginStatusCodeMatchForUser(self, user, status_code):
        success = self.client.login(username=user.username,
                                    password=self.user_factory.password)
        if success:
            response = self.client.get(reverse('wagtailadmin_home'))
            self.assertEqual(response.status_code, status_code)
            return response
        else:
            raise ValueError('login for user {} failed'.format(user))

    def test_regular_login(self):
        regular_user = self.user_factory.create()
        # default behavior for wagtail admin login failed is a 302 redirect to the login page
        response = self.assertLoginStatusCodeMatchForUser(
            regular_user, status.HTTP_302_FOUND)
        message = response.context['message']
        self.assertEqual(message,
                         'You do not have permission to access the admin')

    def test_superuser_login(self):
        superuser = self.user_factory.create(is_superuser=True)
        self.assertLoginStatusCodeMatchForUser(superuser, status.HTTP_200_OK)

    def test_staff_login(self):
        staff = self.user_factory.create(is_staff=True)
        response = self.assertLoginStatusCodeMatchForUser(
            staff, status.HTTP_302_FOUND)
        message = response.context['message']
        self.assertEqual(message,
                         'You do not have permission to access the admin')

    def test_access_admin_login(self):
        content_type = ContentType.objects.get(model='admin')
        permission = Permission.objects.get(content_type=content_type,
                                            codename='access_admin')
        access_admin_user = self.user_factory.create()
        access_admin_user.user_permissions.add(permission)
        self.assertLoginStatusCodeMatchForUser(access_admin_user,
                                               status.HTTP_200_OK)
Ejemplo n.º 18
0
class EventViewSetTestCase(BaseViewSetTestCase):
    _view = EventViewSet

    def setUp(self):
        self.user_factory = UserFactory()
        submitter = self.user_factory.create(username='******')
        self.instance_factory = EventFactory(submitter=submitter)
        self.create_representative_users(submitter)
        self.instance = self.instance_factory.create()

    def test_retrieve(self):
        self.check_retrieve()

    def test_destroy(self):
        self.check_destroy()

    def test_update(self):
        self.check_update()

    def test_create(self):
        self.check_create()

    def test_list(self):
        self.check_list()
Ejemplo n.º 19
0
class CodebaseReleasePublishTestCase(TestCase):
    client_class = APIClient

    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create()
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = codebase_factory.create()
        # Want to test get_fs_api creates the file system even if file system is not initialized properly
        self.codebase_release = self.codebase.create_release(initialize=False)
        contributor_factory = ContributorFactory(user=self.submitter)
        self.contributor = contributor_factory.create()
        self.release_contributor_factory = ReleaseContributorFactory(
            codebase_release=self.codebase_release)

    def test_publish_codebaserelease(self):
        with self.assertRaises(ValidationError):
            self.codebase_release.publish()

        self.release_contributor_factory.create(self.contributor)
        with self.assertRaises(ValidationError):
            self.codebase_release.publish()

        self.client.login(username=self.submitter.username,
                          password=self.user_factory.password)
        response = self.client.post(self.codebase_release.regenerate_share_url,
                                    HTTP_ACCEPT='application/json')
        self.assertEqual(response.status_code, 200)

        code_file = io.BytesIO(bytes('Hello world!', 'utf8'))
        code_file.name = 'test.nlogo'

        docs_file = io.BytesIO(bytes('A new model', 'utf8'))
        docs_file.name = 'README.md'

        api = self.codebase_release.get_fs_api()
        api.add(content=code_file, category=FileCategoryDirectories.code)
        api.add(content=docs_file, category=FileCategoryDirectories.docs)

        with self.assertRaises(
                ValidationError,
                msg='Codebase has no metadata, should fail publish'):
            self.codebase_release.publish()

        # FIXME: add metadata to codebase release and verify that publish doesn't raise a ValidationError
        self.codebase_release.os = 'Windows'
        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.publish())

        self.codebase_release.license = License.objects.create(
            name='0BSD', url='https://spdx.org/licenses/0BSD.html')
        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.publish())

        self.codebase_release.programming_languages.add('Java')

        self.codebase_release.publish()

        download_response = self.client.get(
            self.codebase_release.get_review_download_url())
        self.assertEqual(
            download_response.status_code,
            404,
            msg=
            'Published model should not allow access to a review download URL')
        response = self.client.post(self.codebase_release.regenerate_share_url,
                                    HTTP_ACCEPT='application/json')
        self.assertEqual(
            response.status_code,
            400,
            msg=
            'Published model should not permit regeneration of a unique share URL'
        )
Ejemplo n.º 20
0
class CodebaseViewSetTestCase(BaseViewSetTestCase):
    _view = CodebaseViewSet

    @property
    def serializer_class(self):
        view = self.view_class()
        view.action = self.action
        return view.get_serializer_class()

    def setUp(self):
        self.user_factory = UserFactory()
        submitter = self.user_factory.create()
        self.create_representative_users(submitter)
        self.instance_factory = CodebaseFactory(submitter=submitter)
        self.instance = self.instance_factory.create()
        self.instance.create_release(live=True, draft=False, initialize=False)

    def assertResponseNoPermission(self, instance, response):
        if instance.live:
            self.assertResponsePermissionDenied(response)
        else:
            self.assertResponseNotFound(response)

    def check_retrieve_permissions(self, user, instance):
        response = self.client.get(instance.get_absolute_url(),
                                   HTTP_ACCEPT='application/json',
                                   format='json')
        has_perm = user.has_perm(create_perm_str(self.model_class(), 'view'),
                                 obj=instance)
        if has_perm:
            self.assertResponseOk(response)
        else:
            self.assertResponseNoPermission(instance, response)

    def check_destroy_method_not_allowed(self, user, instance):
        response = self.client.delete(instance.get_absolute_url(),
                                      HTTP_ACCEPT='application/json',
                                      format='json')
        self.assertResponseMethodNotAllowed(response)

    def check_update_permissions(self, user, instance):
        serialized = self.serializer_class(instance)
        response = self.client.put(instance.get_absolute_url(),
                                   serialized.data,
                                   HTTP_ACCEPT='application/json',
                                   format='json')
        has_perm = user.has_perm(create_perm_str(instance, 'change'),
                                 obj=instance)
        if has_perm:
            self.assertResponseOk(response)
        elif instance.live:
            self.assertResponsePermissionDenied(response)
        else:
            self.assertResponseNotFound(response)

    def check_destroy(self):
        for user in self.users_able_to_login:
            codebase = self.instance_factory.create()
            self.instance.create_release(initialize=False)
            codebase = Codebase.objects.get(pk=codebase.id)
            self.with_logged_in(user, codebase,
                                self.check_destroy_method_not_allowed)

            other_codebase = self.instance_factory.create()
            other_codebase.create_release(initialize=False)
            other_codebase = Codebase.objects.get(pk=other_codebase.id)
            assign_perm(create_perm_str(other_codebase, 'delete'),
                        user_or_group=user,
                        obj=other_codebase)
            self.with_logged_in(user, other_codebase,
                                self.check_destroy_method_not_allowed)

        codebase = self.instance_factory.create()
        codebase.create_release(initialize=False)
        codebase = Codebase.objects.get(pk=codebase.id)
        response = self.client.delete(codebase.get_absolute_url())
        self.assertResponseMethodNotAllowed(response)

    def check_update(self):
        for user in self.users_able_to_login:
            codebase = self.instance_factory.create()
            codebase.create_release(initialize=False)
            codebase = Codebase.objects.get(pk=codebase.id)
            self.with_logged_in(user, codebase, self.check_update_permissions)
            assign_perm(create_perm_str(self.instance, 'change'),
                        user_or_group=user,
                        obj=codebase)
            self.with_logged_in(user, codebase, self.check_update_permissions)

        codebase = self.instance_factory.create()
        codebase.create_release(initialize=False)
        codebase = Codebase.objects.get(pk=codebase.id)
        self.check_update_permissions(self.anonymous_user, codebase)

    def test_retrieve(self):
        self.action = 'retrieve'
        self.check_retrieve()

    def test_update(self):
        self.action = 'update'
        self.check_update()

    def test_destroy(self):
        self.action = 'destroy'
        self.check_destroy()

    def test_create(self):
        self.action = 'create'
        self.check_create()

    def test_list(self):
        self.action = 'list'
        self.check_list()
Ejemplo n.º 21
0
 def setUp(self):
     user_factory = UserFactory()
     self.submitter = user_factory.create(username='******')
     job_factory = JobFactory(submitter=self.submitter)
     self.job = job_factory.create()
Ejemplo n.º 22
0
class MemberProfileSerializerTestCase(TestCase):
    def setUp(self):
        self.user_factory = UserFactory()
        self.user = self.user_factory.create()
        self.user.first_name = 'Foo'
        self.user.last_name = 'Bar'
        ComsesGroups.initialize()

    def test_email_address_update(self):
        other_user = self.user_factory.create()
        other_email = other_user.email

        member_profile = self.user.member_profile
        institution = Institution(url='https://foo.org', name='Foo Institute')
        institution.save()
        member_profile.institution = institution
        member_profile.save()
        email_address = EmailAddress.objects.create(user=self.user,
                                                    email=self.user.email)
        email_address.set_as_primary()

        data = MemberProfileSerializer(member_profile).data

        # no change to email address
        serializer = MemberProfileSerializer(instance=member_profile,
                                             data=data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        self.assertEqual(EmailAddress.objects.count(), 1)

        # acceptable address
        data['email'] = '*****@*****.**'
        serializer = MemberProfileSerializer(instance=member_profile,
                                             data=data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        self.assertTrue(
            EmailAddress.objects.filter(email=data['email']).exists())

        # conflicting address
        data['email'] = other_email
        serializer = MemberProfileSerializer(instance=member_profile,
                                             data=data)
        serializer.is_valid(raise_exception=True)
        with self.assertRaises(ValidationError):
            serializer.save()

    def test_cannot_downgrade_membership(self):
        membership_profile = self.user.member_profile
        self.assertFalse(membership_profile.full_member)

        institution = Institution(url='https://foo.org', name='Foo Institute')
        institution.save()
        membership_profile.institution = institution
        membership_profile.save()
        membership_profile_data = MemberProfileSerializer(
            membership_profile).data

        # Make user a full down member
        membership_profile_data['full_member'] = True
        serializer = MemberProfileSerializer(instance=membership_profile,
                                             data=membership_profile_data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        membership_profile = MemberProfile.objects.get(
            id=membership_profile.id)
        self.assertTrue(membership_profile.full_member)

        # Unsuccessfully attempt to downgrade membership status
        membership_profile_data['full_member'] = False
        serializer = MemberProfileSerializer(instance=membership_profile,
                                             data=membership_profile_data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        membership_profile = MemberProfile.objects.get(
            id=membership_profile.id)
        self.assertTrue(membership_profile.full_member)
Ejemplo n.º 23
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.user = self.user_factory.create()
     self.user.first_name = 'Foo'
     self.user.last_name = 'Bar'
     ComsesGroups.initialize()
Ejemplo n.º 24
0
class CodebaseReleaseTest(BaseModelTestCase):
    def get_perm_str(self, perm_prefix):
        return '{}.{}_{}'.format(CodebaseRelease._meta.app_label, perm_prefix,
                                 CodebaseRelease._meta.model_name)

    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create()
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = codebase_factory.create()
        self.codebase_release = self.codebase.create_release(initialize=False)

    def test_anonymous_user_perms(self):
        anonymous_user = AnonymousUser()
        self.assertFalse(anonymous_user.has_perm(self.get_perm_str('add')))
        self.assertFalse(
            anonymous_user.has_perm(self.get_perm_str('change'),
                                    obj=self.codebase_release))
        self.assertFalse(
            anonymous_user.has_perm(self.get_perm_str('delete'),
                                    obj=self.codebase_release))
        self.assertFalse(
            anonymous_user.has_perm(self.get_perm_str('view'),
                                    obj=self.codebase_release))
        self.codebase_release.live = True
        self.codebase_release.save()
        self.assertTrue(
            anonymous_user.has_perm(self.get_perm_str('view'),
                                    obj=self.codebase_release))

    def test_submitter_perms(self):
        submitter = self.submitter
        self.assertTrue(
            submitter.has_perm(self.get_perm_str('change'),
                               obj=self.codebase_release))
        self.assertTrue(
            submitter.has_perm(self.get_perm_str('delete'),
                               obj=self.codebase_release))
        self.assertTrue(
            submitter.has_perm(self.get_perm_str('view'),
                               obj=self.codebase_release))

    def test_superuser_perms(self):
        superuser = self.user_factory.create(is_superuser=True)
        self.assertTrue(superuser.has_perm(self.get_perm_str('add')))
        self.assertTrue(
            superuser.has_perm(self.get_perm_str('change'),
                               obj=self.codebase_release))
        self.assertTrue(
            superuser.has_perm(self.get_perm_str('delete'),
                               obj=self.codebase_release))
        self.assertTrue(
            superuser.has_perm(self.get_perm_str('view'),
                               obj=self.codebase_release))

    def test_regular_user_perms(self):
        regular_user = self.user_factory.create()
        self.assertTrue(regular_user.has_perm(self.get_perm_str('add')))
        self.assertFalse(
            regular_user.has_perm(self.get_perm_str('change'),
                                  obj=self.codebase_release))
        self.assertFalse(
            regular_user.has_perm(self.get_perm_str('delete'),
                                  obj=self.codebase_release))
        self.assertFalse(
            regular_user.has_perm(self.get_perm_str('view'),
                                  obj=self.codebase_release))
        self.codebase_release.live = True
        self.codebase_release.save()
        self.assertTrue(
            regular_user.has_perm(self.get_perm_str('view'),
                                  obj=self.codebase_release))

    def test_version_number_mutation(self):
        other_codebase_release = self.codebase.create_release(initialize=False)
        version_numbers = other_codebase_release.get_allowed_version_numbers()
        self.assertEqual(
            version_numbers,
            set([
                semver.parse_version_info(vn)
                for vn in {'1.0.1', '1.1.0', '2.0.0'}
            ]))

        with self.assertRaises(ValidationError):
            other_codebase_release.set_version_number('1.0.0')

        with self.assertRaises(ValidationError):
            other_codebase_release.set_version_number('foo-1.0.0')

        other_codebase_release.set_version_number('54.2.0')
        self.assertEqual(other_codebase_release.version_number, '54.2.0')

        other_codebase_release.set_version_number('1.0.1')
        self.assertEqual(other_codebase_release.version_number, '1.0.1')

    def test_create_codebase_release_share_uuid(self):
        """Ensure we can create a second codebase release an it hasa different share uuid"""
        self.codebase_release.share_uuid = uuid.uuid4()
        self.codebase_release.save()
        cr = self.codebase.create_release(initialize=False)
        self.assertNotEqual(self.codebase_release.share_uuid, cr.share_uuid)

    def test_metadata_completeness(self):
        # make sure release contributors are empty since we currently automatically add the submitter as an author
        self.codebase_release.contributors.all().delete()
        self.assertFalse(self.codebase_release.contributors.exists())

        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.validate_publishable())
        self.codebase_release.os = 'Windows'
        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.validate_publishable())

        license = License.objects.create(
            name='0BSD', url='https://spdx.org/licenses/0BSD.html')
        self.codebase_release.license = license
        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.validate_publishable())

        self.codebase_release.programming_languages.add('Java')
        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.validate_publishable())

        release_contributor_factory = ReleaseContributorFactory(
            self.codebase_release)
        contributor_factory = ContributorFactory(user=self.submitter)
        contributor = contributor_factory.create()
        release_contributor_factory.create(contributor)

        self.assertRaises(ValidationError,
                          lambda: self.codebase_release.validate_publishable())
        self.assertTrue(self.codebase_release.validate_metadata())
Ejemplo n.º 25
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.submitter = self.user_factory.create()
     codebase_factory = CodebaseFactory(submitter=self.submitter)
     self.codebase = codebase_factory.create()
     self.codebase_release = self.codebase.create_release(initialize=False)
Ejemplo n.º 26
0
 def setUp(self):
     self.user_factory = UserFactory()
     self.superuser = self.user_factory.create(is_superuser=True)
     self.staff = self.user_factory.create(is_staff=True)
Ejemplo n.º 27
0
 def setUp(self):
     user_factory = UserFactory()
     self.submitter = user_factory.create()
     codebase_factory = CodebaseFactory(submitter=self.submitter)
     self.codebase = codebase_factory.create()
Ejemplo n.º 28
0
class CodebaseReleaseUnpublishedFilesTestCase(ApiAccountMixin,
                                              ResponseStatusCodesMixin,
                                              TestCase):
    """Test file handling for creating a release. Only user with change permission on a unpublished release should be
    able to list, destroy or create files. No user should be able to create or destroy files from a published release"""
    def setUp(self):
        self.user_factory = UserFactory()
        self.submitter = self.user_factory.create(username='******')
        self.superuser = self.user_factory.create(username='******',
                                                  is_superuser=True)
        self.other_user = self.user_factory.create(username='******')
        codebase_factory = CodebaseFactory(submitter=self.submitter)
        self.codebase = codebase_factory.create()
        self.codebase_release = self.codebase.create_release(draft=False,
                                                             initialize=False)

    def test_upload_file(self):
        api = self.codebase_release.get_fs_api()

        # Unpublished codebase release permissions
        response = self.client.post(
            api.get_originals_list_url(category=FileCategoryDirectories.code))
        self.assertResponseNotFound(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_400_BAD_REQUEST),
            (self.superuser, status.HTTP_400_BAD_REQUEST),
            (self.other_user, status.HTTP_404_NOT_FOUND)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.post(api.get_originals_list_url(
                category=FileCategoryDirectories.code),
                                        HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg='{} {}'.format(repr(user), response.data))

        self.codebase_release.live = True
        self.codebase_release.draft = False
        self.codebase_release.save()

        # Published codebase release permissions
        self.client.logout()
        response = self.client.post(
            api.get_originals_list_url(category=FileCategoryDirectories.code))
        self.assertResponsePermissionDenied(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_403_FORBIDDEN),
            (self.superuser, status.HTTP_403_FORBIDDEN),
            (self.other_user, status.HTTP_403_FORBIDDEN)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.post(api.get_originals_list_url(
                category=FileCategoryDirectories.code),
                                        HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg='{} {}'.format(repr(user), response.data))

    def test_list_files(self):
        api = self.codebase_release.get_fs_api()

        # Unpublished codebase release permissions
        response = self.client.get(
            api.get_originals_list_url(category=FileCategoryDirectories.code))
        self.assertResponseNotFound(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_200_OK),
            (self.superuser, status.HTTP_200_OK),
            (self.other_user, status.HTTP_404_NOT_FOUND)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.get(api.get_originals_list_url(
                FileCategoryDirectories.code),
                                       HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg='{} {}'.format(repr(user), response.data))

        self.codebase_release.live = True
        self.codebase_release.draft = False
        self.codebase_release.save()
        self.client.logout()

        # Published codebase release permissions
        response = self.client.get(
            api.get_originals_list_url(FileCategoryDirectories.code))
        self.assertResponsePermissionDenied(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_403_FORBIDDEN),
            (self.superuser, status.HTTP_403_FORBIDDEN),
            (self.other_user, status.HTTP_403_FORBIDDEN)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.get(api.get_originals_list_url(
                FileCategoryDirectories.code),
                                       HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg='{} {}'.format(repr(user), response.data))

    def test_delete_file(self):
        path_to_foo = pathlib.Path('foo.txt')
        api = self.codebase_release.get_fs_api()
        print(self.codebase_release)
        print('CodebaseRelease perm %s' % self.submitter.has_perm(
            'library.delete_codebaserelease', self.codebase_release))

        # Unpublished codebase release permissions
        response = self.client.delete(
            api.get_absolute_url(category=FileCategoryDirectories.code,
                                 relpath=path_to_foo))
        self.assertResponseNotFound(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_400_BAD_REQUEST),
            (self.superuser, status.HTTP_400_BAD_REQUEST),
            (self.other_user, status.HTTP_404_NOT_FOUND)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.delete(api.get_absolute_url(
                category=FileCategoryDirectories.code, relpath=path_to_foo),
                                          HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg=repr(user))

        self.codebase_release.live = True
        self.codebase_release.draft = False
        self.codebase_release.save()
        self.client.logout()

        # Published codebase release permissions
        response = self.client.delete(
            api.get_absolute_url(category=FileCategoryDirectories.code,
                                 relpath=path_to_foo))
        self.assertResponsePermissionDenied(response)
        for user, expected_status_code in [
            (self.submitter, status.HTTP_403_FORBIDDEN),
            (self.superuser, status.HTTP_403_FORBIDDEN),
            (self.other_user, status.HTTP_403_FORBIDDEN)
        ]:
            self.login(user, self.user_factory.password)
            response = self.client.delete(api.get_absolute_url(
                FileCategoryDirectories.code, path_to_foo),
                                          HTTP_ACCEPT='application/json')
            self.assertEqual(response.status_code,
                             expected_status_code,
                             msg=repr(user))
Ejemplo n.º 29
0
 def setUp(self):
     user_factory = UserFactory()
     self.submitter = user_factory.create(username='******')
     event_factory = EventFactory(submitter=self.submitter)
     self.event = event_factory.create()
Ejemplo n.º 30
0
 def setUp(self):
     self.user_factory = UserFactory()
     submitter = self.user_factory.create(username='******')
     self.instance_factory = EventFactory(submitter=submitter)
     self.create_representative_users(submitter)
     self.instance = self.instance_factory.create()