Ejemplo n.º 1
0
    def test_multiple_shared_works(self):
        request = RequestFactory().post(
            '/api',
            HTTP_AUTHORIZATION='mkt-shared-secret '
            '[email protected],56b6f1a3dd735d962c56'
            'ce7d8f46e02ec1d4748d2c00c407d75f0969d08bb'
            '9c68c31b3371aa8130317815c89e5072e31bb94b4'
            '121c5c165f3515838d4d6c60c4,165d631d3c3045'
            '458b4516242dad7ae')
        request.user = AnonymousUser()
        drf_request = Request(request)

        # Start with an AnonymousUser on the request, because that's a classic
        # situation: we already went through a middleware, it didn't find a
        # session cookie, if set request.user = AnonymousUser(), and now we
        # are going through the authentication code in the API.
        request.user = AnonymousUser()

        # Call middleware as they would normally be called.
        APIBaseMiddleware().process_request(request)
        RestSharedSecretMiddleware().process_request(request)
        RestOAuthMiddleware().process_request(request)

        drf_request.authenticators = (
            authentication.RestSharedSecretAuthentication(),
            authentication.RestOAuthAuthentication())

        eq_(drf_request.user, self.profile)
        eq_(drf_request._request.user, self.profile)
        eq_(drf_request.user.is_authenticated(), True)
        eq_(drf_request._request.user.is_authenticated(), True)
        eq_(drf_request.user.pk, self.profile.pk)
        eq_(drf_request._request.user.pk, self.profile.pk)
Ejemplo n.º 2
0
    def test_bigger_priority_is_first(self):
        """
        Test that records with bigger priority comes first
        make two request, modify prior of them,
        ensure that request with bigger priority comes first
        """
        from django.contrib.auth.models import AnonymousUser
        from .middleware import StoreRequestsDB

        request = RequestFactory().get('')
        request.user = AnonymousUser()
        request.session = {}
        StoreRequestsDB().process_request(request)

        count = HTTPRequest.objects.all().count()
        record = HTTPRequest.objects.all()[0]
        record.priority = 1
        record.save()
        pk = record.pk

        request = RequestFactory().get('')
        request.user = AnonymousUser()
        request.session = {}
        StoreRequestsDB().process_request(request)

        self.assertEqual(HTTPRequest.objects.all().count(), count + 1)
        record = HTTPRequest.objects.all()[0]
        self.assertEqual(pk, record.pk)
Ejemplo n.º 3
0
    def test_asset_create_via_bookmarklet(self):
        data = {'title': 'YouTube Asset',
                'youtube': 'http://www.youtube.com/abcdefghi',
                'asset-source': 'bookmarklet'}

        request = RequestFactory().post('/save/', data)
        request.user = self.instructor_one
        request.course = self.sample_course

        view = AssetCreateView()
        view.request = request
        response = view.post(request)

        self.assertEquals(response.status_code, 200)
        Asset.objects.get(title='YouTube Asset')

        data = {
            'title': 'HTML5 video title',
            'asset-source': 'bookmarklet',
            'video': 'http://www.example.com/video.mp4',
            'video-metadata': 'w480h358',
            'metadata-description': 'Video description',
        }
        request = RequestFactory().post('/save/', data)
        request.user = self.instructor_one
        request.course = self.sample_course

        view = AssetCreateView()
        view.request = request
        response = view.post(request)

        self.assertEquals(response.status_code, 200)
        asset = Asset.objects.get(title='HTML5 video title')
        self.assertEquals(asset.metadata()['description'],
                          [data['metadata-description']])
Ejemplo n.º 4
0
    def test_get_context_data(self):
        request = RequestFactory().get('/dashboard/migrate/')
        request.user = self.instructor_three
        request.course = self.sample_course

        view = MigrateCourseView()
        view.request = request

        ctx = view.get_context_data()

        self.assertEquals(len(ctx['current_course_faculty']), 3)
        self.assertEquals(ctx['current_course_faculty'][0].username,
                          'instructor_one')
        self.assertEquals(ctx['current_course_faculty'][1].username,
                          'instructor_three')
        self.assertEquals(ctx['current_course_faculty'][2].username,
                          'instructor_two')

        self.assertEquals(len(ctx['available_courses']), 2)
        self.assertEquals(ctx['available_courses'][0].title,
                          'Alternate Course')
        self.assertEquals(ctx['available_courses'][1].title,
                          'Sample Course')

        request.user = self.superuser
        ctx = view.get_context_data()
        self.assertEquals(len(ctx['available_courses']), 2)
        self.assertEquals(ctx['available_courses'][0].title,
                          'Alternate Course')
        self.assertEquals(ctx['available_courses'][1].title,
                          'Sample Course')
Ejemplo n.º 5
0
    def get_filters_on_data_fields(self):
        from ..views import PlaceCollectionView, models

        user = User.objects.create(username='******')
        ds = models.DataSet.objects.create(owner=user, id=789,
                                           slug='stuff')
        location = 'POINT (0.0 0.0)'
        models.Place.objects.create(dataset=ds, id=123, location=location, visible=True, data=json.dumps({'favorite_food': 'pizza', 'favorite_color': 'red'}))
        models.Place.objects.create(dataset=ds, id=124, location=location, visible=True, data=json.dumps({'favorite_food': 'asparagus', 'favorite_color': 'green'}))
        models.Place.objects.create(dataset=ds, id=125, location=location, visible=True, data=json.dumps({'favorite_food': 'pizza', 'favorite_color': 'blue'}))
        models.Place.objects.create(dataset=ds, id=126, location=location, visible=True, data=json.dumps({'favorite_food': 'chili', 'favorite_color': 'yellow'}))
        view = PlaceCollectionView()

        # Only visible Places with favorite food 'pizza'...
        request = RequestFactory().get('/api/v1/datasets/test-user/stuff/places/?favorite_food=pizza')
        request.user = user
        request.META['HTTP_ACCEPT'] = 'application/json'
        view.request = request
        response = view.dispatch(request,
                            dataset__owner__username='******',
                            dataset__slug='stuff')

        places = json.loads(response.content)

        assert_equal(len(places), 2)
        ids = set([place['id'] for place in places])
        assert_equal(ids, set([123, 125]))

        # Only visible Places with favorite color 'red' or 'yellow'...
        request = RequestFactory().get('/api/v1/datasets/test-user/stuff/places/?favorite_color=red&favorite_color=yellow')
        request.user = user
        request.META['HTTP_ACCEPT'] = 'application/json'
        view.request = request
        response = view.dispatch(request,
                            dataset__owner__username='******',
                            dataset__slug='stuff')

        places = json.loads(response.content)


        assert_equal(len(places), 2)
        ids = set([place['id'] for place in places])
        assert_equal(ids, set([123, 126]))

        # Only visible Places with favorite color 'red' or 'yellow'...
        request = RequestFactory().get('/api/v1/datasets/test-user/stuff/places/?favorite_color=red&favorite_color=yellow&favorite_food=pizza')
        request.user = user
        request.META['HTTP_ACCEPT'] = 'application/json'
        view.request = request
        response = view.dispatch(request,
                            dataset__owner__username='******',
                            dataset__slug='stuff')

        places = json.loads(response.content)


        assert_equal(len(places), 1)
        ids = set([place['id'] for place in places])
        assert_equal(ids, set([123]))
Ejemplo n.º 6
0
    def test_blocked_subdomain(self):
        EmailUserRestriction.objects.create(email_pattern='*@faz.bar.com')

        request = RequestFactory().get('/')
        request.user = user_factory(email='*****@*****.**')
        assert not EmailUserRestriction.allow_request(request)

        request.user = user_factory(email='*****@*****.**')
        assert EmailUserRestriction.allow_request(request)
Ejemplo n.º 7
0
def get_request(edit=False):
    request = RequestFactory().get("/")
    request.session = {}
    if edit:
        request.user = SuperUser()
        set_edit_mode(request, True)
        assert is_edit_mode(request)
    else:
        request.user = AnonymousUser()
    return request
Ejemplo n.º 8
0
    def test_multiple_fail(self):
        request = RequestFactory().post('/api')
        request.user = AnonymousUser()
        drf_request = Request(request)
        request.user = AnonymousUser()
        drf_request.authenticators = (
            authentication.RestSharedSecretAuthentication(),
            authentication.RestOAuthAuthentication())

        eq_(drf_request.user.is_authenticated(), False)
        eq_(drf_request._request.user.is_authenticated(), False)
Ejemplo n.º 9
0
    def test_studentquiz(self):
        student = UserFactory()
        ActivityState.objects.create(user=student, json=dumps(self.json_state))
        request = RequestFactory().get('/')

        request.user = student
        response = studentquiz(request, self.quiz.id, request.user.id)
        self.assertEqual(response.status_code, 200)

        request.user = UserFactory(is_staff=True)
        response = studentquiz(request, self.quiz.id, student.id)
        self.assertEqual(response.status_code, 200)
Ejemplo n.º 10
0
    def test_check_permissions(self):
        view = views.DummyRepositoryView()
        self.assertRaises(NotImplementedError, view.check_permissions)

        request = RequestFactory()
        request.user = factories.UserFactory()
        view = views.DummyAdminDeleteView(request=request, path=Path(""))
        self.assertRaises(PermissionDenied, view.check_permissions)

        request = RequestFactory()
        request.user = factories.SuperUserFactory()
        view = views.DummyAdminDeleteView(request=request, path=Path(""))
        self.assertIsNone(view.check_permissions())
Ejemplo n.º 11
0
def req_factory_factory(url, user=None, post=False, data=None):
    """Creates a request factory, logged in with the user."""
    req = RequestFactory()
    if post:
        req = req.post(url, data or {})
    else:
        req = req.get(url, data or {})
    if user:
        req.user = UserProfile.objects.get(id=user.id)
    else:
        req.user = AnonymousUser()
    req.APP = None
    req.check_ownership = partial(check_ownership, req)
    return req
Ejemplo n.º 12
0
    def test_redirect_uploader(self):
        # no collection id
        request = RequestFactory().post('/upload/redirect')
        request.user = self.student_one
        request.course = self.sample_course

        view = RedirectToUploaderView()
        view.request = request

        with self.assertRaises(Http404):
            view.post(request, [], **{'collection_id': 123})

        secret_keys = {'http://ccnmtl.columbia.edu': 'a very good secret'}
        with self.settings(SERVER_ADMIN_SECRETKEYS=secret_keys):
            # invalid uploader url
            as_user = '******' % self.student_one.username
            exc = ExternalCollectionFactory(url='http://abc.def.ghi')
            with self.assertRaises(Http404):
                view.post(request, [], **{'collection_id': exc.id})

            # successful redirect
            exc = ExternalCollectionFactory(url='http://ccnmtl.columbia.edu')
            response = view.post(request, [], **{'collection_id': exc.id})
            self.assertEquals(response.status_code, 302)
            self.assertTrue(response.url.startswith(exc.url))
            self.assertTrue('nonce' in response.url)
            self.assertTrue('hmac' in response.url)
            self.assertTrue('redirect_url' in response.url)
            self.assertTrue(as_user in response.url)

            # "as" without permissions + audio
            data = {'as': self.student_two.username, 'audio': 'mp4'}
            request = RequestFactory().post('/upload/redirect', data)
            request.user = self.student_one
            request.course = self.sample_course
            response = view.post(request, [], **{'collection_id': exc.id})
            self.assertEquals(response.status_code, 302)
            self.assertTrue(as_user in response.url)
            self.assertTrue('audio=mp4' in response.url)

            # "as" with permissions
            data = {'as': self.student_one.username}
            request = RequestFactory().post('/upload/redirect', data)
            request.user = UserFactory(is_staff=True)
            request.course = self.sample_course
            self.add_as_faculty(request.course, request.user)

            response = view.post(request, [], **{'collection_id': exc.id})
            self.assertEquals(response.status_code, 302)
            self.assertTrue(as_user in response.url)
Ejemplo n.º 13
0
    def test_blocked_subdomain_but_allow_parent(self):
        EmailUserRestriction.objects.create(
            email_pattern='*.mail.com')

        request = RequestFactory().get('/')
        request.user = user_factory(email='*****@*****.**')
        assert not EmailUserRestriction.allow_request(request)

        # We only block a subdomain pattern
        request.user = user_factory(email='*****@*****.**')
        assert EmailUserRestriction.allow_request(request)

        # Which also allows similar domains to work
        request.user = user_factory(email='*****@*****.**')
        assert EmailUserRestriction.allow_request(request)
Ejemplo n.º 14
0
    def test_tag(self):
        # create context mock
        request = RequestFactory().get('/')
        request.user = AnonymousUser()
        SessionMiddleware().process_request(request)
        request.session.save()
        context = RequestContext(request)

        # Returns empty dict if there is no authenticated user
        self.assertEqual(render_notifications(context), '\n')

        # Returns notifications.html
        request.user = UserFactory()
        ObjectEventFactory(user=request.user)
        self.assertTrue(render_notifications(context))
Ejemplo n.º 15
0
    def test_new_user(self):
        """Tests that new users get redirected to new_user page"""
        # Create a user that has no profile--this is the sign that the
        # user is new!
        new_user = UserFactory(profile=None)
        self.client_login_user(new_user)

        # Now do some ridiculous setup so we can call login_success()
        # on the Verify and see if it did what it should be doing.

        # FIXME - this can go away post django-browserid 0.9
        new_user.backend = 'django_browserid.auth.BrowserIDBackend'

        post_request = RequestFactory().post(reverse('browserid.login'))
        post_request.user = new_user
        post_request.session = self.client.session

        fv = FjordVerify()
        fv.user = new_user
        fv.request = post_request

        resp = fv.login_success()
        eq_(200, resp.status_code)
        body = json.loads(resp.content)
        eq_(body['redirect'], reverse('new-user-view'))
Ejemplo n.º 16
0
 def test_own_apps(self):
     """Only user's transactions are shown."""
     app_factory()
     r = RequestFactory().get(self.url)
     r.user = self.user
     transactions = _get_transactions(r)[1]
     self.assertSetEqual([tx.addon for tx in transactions], self.apps)
 def test_filter_none(self):
     request = RequestFactory().get('/person/')
     request.user = AnonymousUser()
     cl = ChangeList(request, models.Person, *self.get_changelist_args())
     cl.get_results(request)
     self.assertEqual(
         list(cl.result_list), list(models.Person.objects.all()))
Ejemplo n.º 18
0
    def call_view(
            self,
            view_name,
            mock_request,
            user=None,
            post_params=None,
            view_args=None
    ):
        self._set_mock_request_data(
            mock_request,
            {
                "user_id": str(self.student.id),
                "group_id": self.student_cohort.id,
                "closed": False,
                "type": "thread"
            }
        )
        mock_request.return_value.status_code = 200
        request = RequestFactory().post("dummy_url", post_params or {})
        request.user = user or self.student
        request.view_name = view_name

        return getattr(views, view_name)(
            request,
            course_id=self.course.id.to_deprecated_string(),
            thread_id="dummy",
            **(view_args or {})
        )
Ejemplo n.º 19
0
    def assertReactivateEmailSent(self, email_user):
        """
        Assert that the correct reactivation email has been sent
        """
        context = generate_activation_email_context(self.user, self.registration)

        self.assertEmailUser(
            email_user,
            'emails/activation_email_subject.txt',
            context,
            'emails/activation_email.txt',
            context
        )

        # Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
        request = RequestFactory().post('unused_url')
        request.user = self.user
        request.META['HTTP_HOST'] = "aGenericValidHostName"
        self.append_allowed_hosts("aGenericValidHostName")

        with patch('edxmako.request_context.get_current_request', return_value=request):
            body = render_to_string('emails/activation_email.txt', context)
            host = safe_get_host(request)

        self.assertIn(host, body)
 def test_stars_user_empty(self):
     request = RequestFactory().get('/some/page/')
     request.user = User.objects.create(
         username='******'
     )
     result = stars(request)
     eq_(result, {'star_ids': ''})
Ejemplo n.º 21
0
    def test_create_account(self):
        # Create a new account, which should have empty account settings by default.
        create_account(self.USERNAME, self.PASSWORD, self.EMAIL)

        # Retrieve the account settings
        user = User.objects.get(username=self.USERNAME)
        request = RequestFactory().get("/api/user/v1/accounts/")
        request.user = user
        account_settings = get_account_settings(request)

        # Expect a date joined field but remove it to simplify the following comparison
        self.assertIsNotNone(account_settings['date_joined'])
        del account_settings['date_joined']

        # Expect all the values to be defaulted
        self.assertEqual(account_settings, {
            'username': self.USERNAME,
            'email': self.EMAIL,
            'name': u'',
            'gender': None,
            'goals': None,
            'is_active': False,
            'level_of_education': None,
            'mailing_address': None,
            'year_of_birth': None,
            'country': None,
            'bio': None,
            'profile_image': {
                'has_image': False,
                'image_url_full': request.build_absolute_uri('/static/default_50.png'),
                'image_url_small': request.build_absolute_uri('/static/default_10.png'),
            },
            'requires_parental_consent': True,
            'language_proficiencies': [],
        })
Ejemplo n.º 22
0
    def test_serialize_object_with_cache_copy(self):
        """Testing WebAPIResource.serialize_object always returns a copy of
        the cached data
        """
        class TestObject(object):
            my_field = 'abc'

        request = RequestFactory().request()
        request.user = User()

        resource = WebAPIResource()
        resource.fields = {
            'my_field': {
                'type': six.text_type,
            }
        }

        obj = TestObject()

        # We check this three times, since prior to Djblets 2.0.20, we would
        # first return a copy of the newly-generated data, then the cached
        # copy of the original data, and then the cached copy again (which
        # would no longer be untouched).
        data = resource.serialize_object(obj, request=request)
        self.assertIn('my_field', data)
        del data['my_field']

        data = resource.serialize_object(obj, request=request)
        self.assertIn('my_field', data)
        del data['my_field']

        data = resource.serialize_object(obj, request=request)
        self.assertIn('my_field', data)
Ejemplo n.º 23
0
    def test_detailed_report_values(self):
        with self.settings(PARTICIPANT_SECRET='foo'):
            data = {'country': 'all'}
            request = RequestFactory().post(self.report_download_url, data)
            request.user = self.icap

            view = DownloadableReportView()
            view.request = request

            users, groups = view.get_users_and_groups(request, self.hierarchy)

            rows = view.get_detailed_report_values(self.hierarchies, users)
            row = ['participant_id', 'country', 'group', 'completed',
                   'percent_complete', 'total_time_elapsed',
                   'actual_time_spent', 'completion_date', 'pre-test score',
                   'post-test score', '1_1', '1_2']
            self.assertEqual(next(rows), row)

            # expecting 4 user results to show up
            row = next(rows)
            row = next(rows)
            row = next(rows)
            row = next(rows)

            try:
                next(rows)
                self.assertFalse('unexpected row')
            except StopIteration:
                pass  # expected
Ejemplo n.º 24
0
 def handle(self, *args, **options):
     GET_request = RequestFactory().get('/staff/discovery_sheet/?download')
     GET_request.user = User()
     GET_request.user.is_staff = True
     response = discovery_sheet(GET_request)
     with open("discovery_sheet.xls", "w") as f:
         f.write(response.content)
Ejemplo n.º 25
0
    def test_aggregate_report_all_groups(self):
        # country + institution specified
        country = self.old_group.school.country
        school = self.old_group.school
        data = {'country': country.name,
                'school': school.pk}
        request = RequestFactory().post(self.report_download_url, data)
        request.user = self.icap

        view = DownloadableReportView()
        view.request = request

        users, groups = view.get_users_and_groups(request, self.hierarchy)

        rows = view.get_aggregate_report(
            request, self.hierarchy, users, groups)
        self.assertEqual(next(rows), ['CRITERIA'])
        self.assertEqual(next(rows),
                         ['Country', 'Institution', 'Group', 'Total Members'])
        self.assertEqual(
            next(rows),
            [country.display_name, school.name, None, 1])
        next(rows)  # header
        next(rows)  # header
        self.assertEqual(next(rows), ['English'])
        next(rows)  # header
        next(rows)  # header
        next(rows)  # header
        # counts are in row 2. total, completed, incomplete inprogress
        self.assertEqual(next(rows), [0, 1, 0])
Ejemplo n.º 26
0
 def _fulfill_content_milestones(user, course_key, content_key):
     """
     Internal helper to handle milestone fulfillments for the specified content module
     """
     # Fulfillment Use Case: Entrance Exam
     # If this module is part of an entrance exam, we'll need to see if the student
     # has reached the point at which they can collect the associated milestone
     if settings.FEATURES.get('ENTRANCE_EXAMS', False):
         course = modulestore().get_course(course_key)
         content = modulestore().get_item(content_key)
         entrance_exam_enabled = getattr(course, 'entrance_exam_enabled', False)
         in_entrance_exam = getattr(content, 'in_entrance_exam', False)
         if entrance_exam_enabled and in_entrance_exam:
             # We don't have access to the true request object in this context, but we can use a mock
             request = RequestFactory().request()
             request.user = user
             exam_pct = get_entrance_exam_score(request, course)
             if exam_pct >= course.entrance_exam_minimum_score_pct:
                 exam_key = UsageKey.from_string(course.entrance_exam_id)
                 relationship_types = milestones_helpers.get_milestone_relationship_types()
                 content_milestones = milestones_helpers.get_course_content_milestones(
                     course_key,
                     exam_key,
                     relationship=relationship_types['FULFILLS']
                 )
                 # Add each milestone to the user's set...
                 user = {'id': request.user.id}
                 for milestone in content_milestones:
                     milestones_helpers.add_user_milestone(user, milestone)
Ejemplo n.º 27
0
    def assertChangeEmailSent(self, email_user):
        """
        Assert that the correct email was sent to confirm an email change
        """
        context = {
            'old_email': self.user.email,
            'new_email': self.pending_change_request.new_email,
        }
        self.assertEmailUser(
            email_user,
            'emails/email_change_subject.txt',
            context,
            'emails/confirm_email_change.txt',
            context
        )

        # Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
        request = RequestFactory().post('unused_url')
        request.user = self.user
        request.META['HTTP_HOST'] = "aGenericValidHostName"
        self.append_allowed_hosts("aGenericValidHostName")

        with patch('edxmako.request_context.get_current_request', return_value=request):
            body = render_to_string('emails/confirm_email_change.txt', context)
            url = safe_get_host(request)

        self.assertIn(url, body)
Ejemplo n.º 28
0
def dump_app(id, **kw):
    from mkt.webapps.serializers import AppSerializer
    # Because @robhudson told me to.
    # Note: not using storage because all these operations should be local.
    target_dir = os.path.join(settings.DUMPED_APPS_PATH, 'apps',
                              str(id / 1000))
    target_file = os.path.join(target_dir, str(id) + '.json')

    try:
        obj = Webapp.objects.get(pk=id)
    except Webapp.DoesNotExist:
        task_log.info(u'Webapp does not exist: {0}'.format(id))
        return

    req = RequestFactory().get('/')
    req.user = AnonymousUser()
    req.REGION = RESTOFWORLD

    if not os.path.exists(target_dir):
        os.makedirs(target_dir)

    task_log.info('Dumping app {0} to {1}'.format(id, target_file))
    res = AppSerializer(obj, context={'request': req}).data
    json.dump(res, open(target_file, 'w'), cls=JSONEncoder)
    return target_file
Ejemplo n.º 29
0
    def test_aggregate_report_single_group(self):
        # group id is specified
        group = self.old_group
        country = self.old_group.school.country
        school = self.old_group.school
        data = {'country': country.name,
                'school': school.pk,
                'schoolgroup': group.pk}
        request = RequestFactory().post(self.report_download_url, data)
        request.user = self.icap

        view = DownloadableReportView()
        view.request = request

        users, groups = view.get_users_and_groups(request, self.hierarchy)

        rows = view.get_aggregate_report(
            request, self.hierarchy, users, groups)
        self.assertEqual(next(rows), ['CRITERIA'])
        self.assertEqual(next(rows),
                         ['Country', 'Institution', 'Group', 'Total Members'])
        self.assertEqual(
            next(rows),
            [country.display_name, school.name, group.name, 1])
        next(rows)  # header
        next(rows)  # header
        self.assertEqual(next(rows), ['English'])
        next(rows)  # header
        next(rows)  # header
        next(rows)  # header
        self.assertEqual(next(rows), [0, 1, 0])
Ejemplo n.º 30
0
 def _verify_cohort_settings_response(self, expected_response):
     """ Verify that the response was successful and matches the expected JSON payload. """
     request = RequestFactory().get("dummy_url")
     request.user = AdminFactory()
     response = cohorting_settings(request, unicode(self.course.id))
     self.assertEqual(200, response.status_code)
     self.assertEqual(expected_response, json.loads(response.content))
Ejemplo n.º 31
0
    def test_verify_endpoint(self):
        endpoint = models.Endpoint.objects.create(name="Example", url="example", description="Example endpoint",
                                                       example="title=something", response="[]")
        # Include additional methods to test various authentication options
        endpoint_get = models.Method.objects.create(endpoint=endpoint, method="GET", auth="token")

        # Try with endpoint that is not yet configured
        with self.assertRaises(APIException, msg="Configuration error. Please contact the webmaster."):
            views.verify_endpoint("Example2", None)

        # Try with endpoint that requires authentication
        for method in endpoint.methods.all():
            if method.auth != "none":
                request = RequestFactory()
                request.user = self.user
                request.data = {'APIKey': 'ABCDEFG'}
                request.method = 'GET'
                with self.assertRaises(PermissionDenied, msg="You are not allowed to access this resource."):
                    views.verify_endpoint("Example", request)

        # Try with properly configured endpoint
        endpoint_get.auth = "none"
        endpoint_get.save()
        self.assertEqual(views.verify_endpoint("Example", None), None)
Ejemplo n.º 32
0
    def test_jet_sibling_object_previous_url(self):
        instance = self.models[0]
        ordering_field = 1  # field1 in list_display
        preserved_filters = '_changelist_filters=o%%3D%d' % ordering_field

        changelist_url = reverse(
            'admin:%s_%s_change' %
            (TestModel._meta.app_label, TestModel._meta.model_name),
            args=(self.models[1].pk, )) + '?' + preserved_filters

        user = get_user_model().objects.create_user(username='******',
                                                    password='******')
        request = RequestFactory().get(changelist_url)
        request.user = user
        context = {
            'original': instance,
            'preserved_filters': preserved_filters,
            'request': request,
        }

        previous_object = jet_previous_object(context)
        expected_object = None

        self.assertEqual(previous_object, expected_object)
Ejemplo n.º 33
0
    def test_create_account(self):
        # Create a new account, which should have empty account settings by default.
        create_account(self.USERNAME, self.PASSWORD, self.EMAIL)

        # Retrieve the account settings
        user = User.objects.get(username=self.USERNAME)
        request = RequestFactory().get("/api/user/v1/accounts/")
        request.user = user
        account_settings = get_account_settings(request)

        # Expect a date joined field but remove it to simplify the following comparison
        self.assertIsNotNone(account_settings['date_joined'])
        del account_settings['date_joined']

        # Expect all the values to be defaulted
        self.assertEqual(account_settings, {
            'username': self.USERNAME,
            'email': self.EMAIL,
            'name': u'',
            'gender': None,
            'goals': None,
            'is_active': False,
            'level_of_education': None,
            'mailing_address': None,
            'year_of_birth': None,
            'country': None,
            'bio': None,
            'profile_image': {
                'has_image': False,
                'image_url_full': request.build_absolute_uri('/static/default_50.png'),
                'image_url_small': request.build_absolute_uri('/static/default_10.png'),
            },
            'requires_parental_consent': True,
            'language_proficiencies': [],
            'account_privacy': None
        })
Ejemplo n.º 34
0
def execute_query(query, variables=None, request=None, user=None):
    """Execute a query from the ORM.

    Args:
        - query (str): String with GraphQL query.
        - variables (dict, optional): If the query has variables they need to be passed in as a dictionary.
        - request (django.test.client.RequestFactory, optional): Used to authenticate.
        - user (django.contrib.auth.models.User, optional): Used to authenticate.

    Returns:
        GraphQL Object: Result for query
    """
    if not request and not user:
        raise ValueError("Either request or username should be provided")
    if not request:
        request = RequestFactory().post("/graphql/")
        request.user = user
    backend = get_default_backend()
    schema = graphene_settings.SCHEMA
    document = backend.document_from_string(schema, query)
    if variables:
        return document.execute(context_value=request, variable_values=variables)
    else:
        return document.execute(context_value=request)
Ejemplo n.º 35
0
    def test_new_user(self):
        """Tests that new users get redirected to new_user page"""
        # Create a user that has no profile--this is the sign that the
        # user is new!
        new_user = user(save=True)
        self.client_login_user(new_user)

        # Now do some ridiculous setup so we can call login_success()
        # on the Verify and see if it did what it should be doing.

        # FIXME - this can go away post django-browserid 0.9
        new_user.backend = 'django_browserid.auth.BrowserIDBackend'

        get_request = RequestFactory().get(reverse('dashboard'))
        get_request.user = new_user
        get_request.session = self.client.session

        fv = FjordVerify()
        fv.user = new_user
        fv.request = get_request

        resp = fv.login_success()
        eq_(302, resp.status_code)
        eq_(resp.get('location'), reverse('new-user-view'))
Ejemplo n.º 36
0
    def test_cms_plugins_blogpost_default_variant(self):
        """
        If the variant is specified on the blogpost plugin and also as variant
        variable in the context of its container, the instance variable should
        be used.
        """
        # Create an blogpost
        blogpost = BlogPostFactory(page_title="public title",
                                   should_publish=True)
        blogpost_page = blogpost.extended_object

        # Create a page to add the plugin to
        page = create_i18n_page("A page")
        placeholder = page.placeholders.get(slot="maincontent")

        # Add blogpost plugin with default template
        model_instance = add_plugin(placeholder,
                                    BlogPostPlugin,
                                    "en",
                                    page=blogpost_page,
                                    variant="small")

        # Get generated html
        request = RequestFactory()
        request.current_page = page
        request.path_info = "/en/my-path/"
        request.user = AnonymousUser()
        context = {
            "current_page": page,
            "blogpost_variant": "xxl",
            "request": request
        }
        renderer = ContentRenderer(request=request)
        html = renderer.render_plugin(model_instance, context)

        self.assertIn("blogpost-small", html)
Ejemplo n.º 37
0
    def test_echo_view_success(self):
        settings.SAML_CONFIG = conf.create_conf(
            sp_host='sp.example.com',
            idp_hosts=['idp.example.com'],
            metadata_file='remote_metadata_one_idp.xml',
        )
        self.do_login()

        request = RequestFactory().get('/')
        request.user = User.objects.last()

        middleware = SamlSessionMiddleware()
        middleware.process_request(request)

        saml_session_name = getattr(
            settings, 'SAML_SESSION_COOKIE_NAME', 'saml_session')
        getattr(request, saml_session_name)[
            '_saml2_subject_id'] = '1f87035b4c1325b296a53d92097e6b3fa36d7e30ee82e3fcb0680d60243c1f03'
        getattr(request, saml_session_name).save()

        response = EchoAttributesView.as_view()(request)
        self.assertEqual(response.status_code, 200)
        self.assertIn('<h1>SAML attributes</h1>',
                      response.content.decode(), 'Echo page not rendered')
Ejemplo n.º 38
0
    def test_preview_no_asides(self):
        """
        Test for calling get_preview_html. Ensures data-usage-id is correctly set and
        asides are correctly excluded because they are not enabled.
        """
        course = CourseFactory.create(default_store=ModuleStoreEnum.Type.split)
        html = ItemFactory.create(parent_location=course.location,
                                  category="html",
                                  data={'data': "<html>foobar</html>"})

        config = StudioConfig.current()
        config.enabled = False
        config.save()

        request = RequestFactory().get('/dummy-url')
        request.user = UserFactory()
        request.session = {}

        # Call get_preview_fragment directly.
        context = {'reorderable_items': set(), 'read_only': True}
        html = get_preview_fragment(request, html, context).content

        self.assertNotRegex(html, r"data-block-type=[\"\']test_aside[\"\']")
        self.assertNotRegex(html, "Aside rendered")
Ejemplo n.º 39
0
 def _test_signup_email_verified_externally(self, signup_email,
                                            verified_email):
     username = '******'
     request = RequestFactory().post(
         reverse('account_signup'), {
             'username': username,
             'email': signup_email,
             'password1': 'johndoe',
             'password2': 'johndoe'
         })
     # Fake stash_verified_email
     from django.contrib.messages.middleware import MessageMiddleware
     from django.contrib.sessions.middleware import SessionMiddleware
     SessionMiddleware().process_request(request)
     MessageMiddleware().process_request(request)
     request.user = AnonymousUser()
     request.session['account_verified_email'] = verified_email
     from .views import signup
     resp = signup(request)
     self.assertEqual(resp.status_code, 302)
     self.assertEqual(resp['location'],
                      get_adapter().get_login_redirect_url(request))
     self.assertEqual(len(mail.outbox), 0)
     return get_user_model().objects.get(username=username)
Ejemplo n.º 40
0
    def test_generate_etag_with_encode_etag_false(self):
        """Testing WebAPIResource.generate_etag with encode_etag=False"""
        class TestObject(object):
            my_field = 'abc'

        request = RequestFactory().request()
        request.user = User()

        resource = WebAPIResource()
        obj = TestObject()

        with warnings.catch_warnings(record=True) as w:
            warnings.simplefilter('always')
            etag = resource.generate_etag(obj,
                                          None,
                                          request,
                                          encode_etag=False)

        self.assertEqual(len(w), 1)
        self.assertIn('generate_etag is deprecated',
                      six.text_type(w[0].message))

        self.assertEqual(etag,
                         repr(resource.serialize_object(obj, request=request)))
Ejemplo n.º 41
0
    def call_view(self,
                  mock_request,
                  commentable_id,
                  user,
                  group_id,
                  pass_group_id=True,
                  is_ajax=False):
        mock_request.side_effect = make_mock_request_impl(
            "dummy context", group_id=self.student_cohort.id)

        request_data = {}
        if pass_group_id:
            request_data["group_id"] = group_id
        headers = {}
        if is_ajax:
            headers['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest"
        request = RequestFactory().get("dummy_url",
                                       data=request_data,
                                       **headers)
        request.user = user
        mako_middleware_process_request(request)
        return views.single_thread(request,
                                   self.course.id.to_deprecated_string(),
                                   "dummy_discussion_id", "dummy_thread_id")
Ejemplo n.º 42
0
    def assertChangeEmailSent(self, email_user):
        """
        Assert that the correct email was sent to confirm an email change
        """
        context = {
            'old_email': self.user.email,
            'new_email': self.pending_change_request.new_email,
        }
        self.assertEmailUser(email_user, 'emails/email_change_subject.txt',
                             context, 'emails/confirm_email_change.txt',
                             context)

        # Thorough tests for safe_get_host are elsewhere; here we just want a quick URL sanity check
        request = RequestFactory().post('unused_url')
        request.user = self.user
        request.META['HTTP_HOST'] = "aGenericValidHostName"
        self.append_allowed_hosts("aGenericValidHostName")

        with patch('edxmako.request_context.get_current_request',
                   return_value=request):
            body = render_to_string('emails/confirm_email_change.txt', context)
            url = safe_get_host(request)

        self.assertIn(url, body)
Ejemplo n.º 43
0
    def test_in_sequence_assignment_response(self):
        res = SherdNoteResource()
        self.assertFalse(res.in_sequence_assignment_response(self.note1))
        self.assertFalse(res.in_sequence_assignment_response(self.note2))

        sa = SequenceAssetFactory(spine=self.note1)
        psa = ProjectSequenceAssetFactory(sequence_asset=sa)
        self.assertFalse(res.in_sequence_assignment_response(self.note1))

        psa.project.date_submitted = datetime.today()
        psa.project.save()
        self.assertTrue(res.in_sequence_assignment_response(self.note1))

        SequenceMediaElementFactory(sequence_asset=sa, media=self.note2)
        self.assertTrue(res.in_sequence_assignment_response(self.note2))

        request = RequestFactory().get('/?citable=true')
        request.user = self.student_one
        request.course = self.sample_course
        bundle = SherdNoteResource().build_bundle(obj=self.note1,
                                                  request=request)
        res.dehydrate(bundle)
        self.assertEquals(bundle.data['editable'], False)
        self.assertEquals(bundle.data['citable'], True)
    def test_context(self):
        """
        Verify learner profile page context data.
        """
        request = RequestFactory().get('/url')
        request.user = self.user

        context = learner_profile_context(request, self.USERNAME,
                                          self.user.is_staff)

        assert context['data']['default_public_account_fields'] == \
               settings.ACCOUNT_VISIBILITY_CONFIGURATION['public_fields']

        assert context['data']['accounts_api_url'] == \
               reverse('accounts_api', kwargs={'username': self.user.username})

        assert context['data']['preferences_api_url'] == \
               reverse('preferences_api', kwargs={'username': self.user.username})

        assert context['data']['profile_image_upload_url'] == \
               reverse('profile_image_upload', kwargs={'username': self.user.username})

        assert context['data']['profile_image_remove_url'] == \
               reverse('profile_image_remove', kwargs={'username': self.user.username})

        assert context['data'][
            'profile_image_max_bytes'] == settings.PROFILE_IMAGE_MAX_BYTES

        assert context['data'][
            'profile_image_min_bytes'] == settings.PROFILE_IMAGE_MIN_BYTES

        assert context['data']['account_settings_page_url'] == reverse(
            'account_settings')

        for attribute in self.CONTEXT_DATA:
            assert attribute in context['data']
Ejemplo n.º 45
0
    def call_view(self, mock_request, commentable_id, user, group_id, pass_group_id=True, is_ajax=False):
        kwargs = {}
        if group_id:
            kwargs['group_id'] = group_id
        mock_request.side_effect = make_mock_request_impl("dummy content", **kwargs)

        request_data = {}
        if pass_group_id:
            request_data["group_id"] = group_id
        headers = {}
        if is_ajax:
            headers['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest"
        request = RequestFactory().get(
            "dummy_url",
            data=request_data,
            **headers
        )
        request.user = user
        mako_middleware_process_request(request)
        return views.user_profile(
            request,
            self.course.id.to_deprecated_string(),
            user.id
        )
Ejemplo n.º 46
0
def test_login():
    email = random_char(7) + "@gmail.com"
    username = random_char(5)
    body1 = {
        "username": username, "firstname": "Josep", "lastname": "Lopez",
        "email": email, "password1": "password123", "password2": "password123",
        "country1": "España", "city1": "Sant Adria del Besos", "street1": "c/Mare de deu del carme 116 4B",
        "zip1": "08930",
        "country2": "España", "city2": "Sant Adria del Besos", "street2": "c/Mare de deu del carme 116 4B",
        "zip2": "08930",
        "trigger": "register", "taste1": "Fiction", "taste2": "Crime & Thriller", "taste3": "Science Fiction",
        "tastes": True
    }

    guest = get_or_create_guest()
    req = RequestFactory().post("/register/", body1)
    req.COOKIES['device'] = guest.device
    response = register(req)


    body2 = {
        'mail': email, 'password': '******', 'trigger': 'login'
    }

    req = RequestFactory().post("/login/", body2)
    req.user = User.objects.filter(username=username).first()
    req = setup_request(req)
    response = login_user(request=req)
    response_json = json.loads(response.content.decode("utf-8"))

    refresh_user = User.objects.filter(username=username).first()

    validation = refresh_user.is_authenticated and response.status_code == 200 and not response_json["error"] and response_json['name'] == 'Josep'
    User.objects.filter(username=username).delete()

    assert validation
Ejemplo n.º 47
0
    def test_annotation_create(self):
        data = {
            'annotation-title': 'Annotation Test',
            'annotation-body': 'notes go here',
            'annotation-annotation_data': '',
            'annotation-range1': -4.5,
            'annotation-range2': 23,
            'annotation-tags': 'foo,bar'
        }
        request = RequestFactory().post('/', data)
        request.user = self.student_one
        request.course = self.sample_course

        with self.assertRaises(Http404):
            annotation_create(request, 1234)

        asset = AssetFactory(course=self.sample_course, primary_source='image')
        response = annotation_create(request, asset.id)
        self.assertEquals(response.status_code, 302)

        note = SherdNote.objects.get(title='Annotation Test', asset=asset)
        self.assertEquals(note.range1, -4.5)
        self.assertEquals(note.range2, 23)
        self.assertEquals(note.tags, 'foo,bar')
Ejemplo n.º 48
0
    def get_response(self, mock_request, params, **headers):
        mock_request.side_effect = make_mock_request_impl(self.TEST_THREAD_TEXT, self.TEST_THREAD_ID)
        request = RequestFactory().get("dummy_url", data=params, **headers)
        request.user = self.student

        mako_middleware_process_request(request)
        response = views.user_profile(
            request,
            self.course.id.to_deprecated_string(),
            self.profiled_user.id
        )
        mock_request.assert_any_call(
            "get",
            StringEndsWithMatcher('/users/{}/active_threads'.format(self.profiled_user.id)),
            data=None,
            params=PartialDictMatcher({
                "course_id": self.course.id.to_deprecated_string(),
                "page": params.get("page", 1),
                "per_page": views.THREADS_PER_PAGE
            }),
            headers=ANY,
            timeout=ANY
        )
        return response
Ejemplo n.º 49
0
    def test_skip_limit(self, mock_request):
        text = "dummy content"
        thread_id = "test_thread_id"
        response_skip = "45"
        response_limit = "15"
        mock_request.side_effect = make_mock_request_impl(text, thread_id)

        request = RequestFactory().get("dummy_url", {
            "resp_skip": response_skip,
            "resp_limit": response_limit
        },
                                       HTTP_X_REQUESTED_WITH="XMLHttpRequest")
        request.user = self.student
        response = views.single_thread(request,
                                       self.course.id.to_deprecated_string(),
                                       "dummy_discussion_id", "test_thread_id")
        self.assertEquals(response.status_code, 200)
        response_data = json.loads(response.content)
        # strip_none is being used to perform the same transform that the
        # django view performs prior to writing thread data to the response
        self.assertEquals(
            response_data["content"],
            strip_none(make_mock_thread_data(text, thread_id, True)))
        mock_request.assert_called_with(
            "get",
            StringEndsWithMatcher(thread_id),  # url
            data=None,
            params=PartialDictMatcher({
                "mark_as_read": True,
                "user_id": 1,
                "recursive": True,
                "resp_skip": response_skip,
                "resp_limit": response_limit,
            }),
            headers=ANY,
            timeout=ANY)
 def _generate_request(self):
     request = RequestFactory().get("/")
     request.user = AnonymousUser()
     request.session = {}
     return request
Ejemplo n.º 51
0
 def dummy_request(self, user=None):
     request = RequestFactory().get('/')
     request.user = user or AnonymousUser()
     return request
Ejemplo n.º 52
0
 def get_request(self):
     request = RequestFactory().get('/foo/')
     request.session = {}
     request.user, created = User.objects.get_or_create(username='******')
     return request
 def has_instructor_tab(user, course):
     """Returns true if the "Instructor" tab is shown."""
     request = RequestFactory().request()
     request.user = user
     tabs = get_course_tab_list(request, course)
     return len([tab for tab in tabs if tab.name == 'Instructor']) == 1
Ejemplo n.º 54
0
 def test_blocked_user_login_ip(self):
     request = RequestFactory(REMOTE_ADDR='192.168.0.8').get('/')
     request.user = user_factory(last_login_ip='192.168.1.1')
     IPNetworkUserRestriction.objects.create(network='192.168.1.1/32')
     assert not IPNetworkUserRestriction.allow_request(request)
Ejemplo n.º 55
0
 def test_allowed_ip4_28_subnet(self):
     request = RequestFactory(REMOTE_ADDR='192.168.0.254').get('/')
     request.user = user_factory(last_login_ip='192.168.1.1')
     IPNetworkUserRestriction.objects.create(network='192.168.0.0/28')
     assert IPNetworkUserRestriction.allow_request(request)
Ejemplo n.º 56
0
    def test_allowed_reputation_service_timeout_not_configured(self):
        request = RequestFactory(REMOTE_ADDR='192.168.0.1').get('/')
        request.user = UserProfile(email='*****@*****.**')

        assert self.restriction_class.allow_request(request)
        assert len(responses.calls) == 0
Ejemplo n.º 57
0
 def test_user_somehow_not_authenticated(self):
     EmailUserRestriction.objects.create(email_pattern='*****@*****.**')
     request = RequestFactory().get('/')
     request.user = AnonymousUser()
     assert not EmailUserRestriction.allow_request(request)
Ejemplo n.º 58
0
 def test_email_allowed(self):
     EmailUserRestriction.objects.create(email_pattern='*****@*****.**')
     request = RequestFactory().get('/')
     request.user = user_factory(email='*****@*****.**')
     assert EmailUserRestriction.allow_request(request)
     assert EmailUserRestriction.allow_email(request.user.email)
Ejemplo n.º 59
0
 def test_user_somehow_not_authenticated(self):
     request = RequestFactory().get('/')
     request.user = AnonymousUser()
     assert not DisposableEmailDomainRestriction.allow_request(request)
Ejemplo n.º 60
0
 def test_email_domain_blocked(self):
     DisposableEmailDomainRestriction.objects.create(domain='bar.com')
     request = RequestFactory().get('/')
     request.user = user_factory(email='*****@*****.**')
     assert not DisposableEmailDomainRestriction.allow_request(request)