def prereg_landing_page(**kwargs):
"""Landing page for the prereg challenge"""
auth = kwargs['auth'] = Auth.from_kwargs(request.args.to_dict(), kwargs)
is_logged_in = kwargs['auth'].logged_in
campaign = request.path.strip('/') or 'prereg'
if is_logged_in:
registerable_nodes = [
node for node
in auth.user.contributor_to
if node.has_permission(user=auth.user, permission='admin')
]
has_projects = bool(registerable_nodes)
has_draft_registrations = bool(utils.drafts_for_user(auth.user, campaign).count())
else:
has_projects = False
has_draft_registrations = False
return {
'is_logged_in': is_logged_in,
'has_draft_registrations': has_draft_registrations,
'has_projects': has_projects,
'campaign_long': utils.PREREG_CAMPAIGNS[campaign],
'campaign_short': campaign
}
def after_delete(self, node, user):
self.deauthorize(Auth(user=user), log=True, save=True)
def get_current_user_can_comment(self, obj):
user = self.context['request'].user
auth = Auth(user if not user.is_anonymous else None)
return obj.node.can_comment(auth)
def test_creates_child(self, app, user, project, child, url):
# test_creates_child_logged_out_user
res = app.post_json_api(url, child, expect_errors=True)
assert res.status_code == 401
project.reload()
assert len(project.nodes) == 0
# test_creates_child_logged_in_read_contributor
read_contrib = AuthUserFactory()
project.add_contributor(read_contrib,
permissions=permissions.READ,
auth=Auth(user),
save=True)
res = app.post_json_api(url,
child,
auth=read_contrib.auth,
expect_errors=True)
assert res.status_code == 403
project.reload()
assert len(project.nodes) == 0
# test_creates_child_logged_in_non_contributor
non_contrib = AuthUserFactory()
res = app.post_json_api(url,
child,
auth=non_contrib.auth,
expect_errors=True)
assert res.status_code == 403
project.reload()
assert len(project.nodes) == 0
# test_creates_child_group_member_read
group_mem = AuthUserFactory()
group = OSFGroupFactory(creator=group_mem)
project.add_osf_group(group, permissions.READ)
res = app.post_json_api(url,
child,
auth=group_mem.auth,
expect_errors=True)
assert res.status_code == 403
project.update_osf_group(group, permissions.WRITE)
res = app.post_json_api(url,
child,
auth=group_mem.auth,
expect_errors=True)
assert res.status_code == 201
# test_creates_child_no_type
child = {
'data': {
'attributes': {
'title': 'child',
'description': 'this is a child project',
'category': 'project',
}
}
}
res = app.post_json_api(url, child, auth=user.auth, expect_errors=True)
assert res.status_code == 400
assert res.json['errors'][0]['detail'] == 'This field may not be null.'
assert res.json['errors'][0]['source']['pointer'] == '/data/type'
# test_creates_child_incorrect_type
child = {
'data': {
'type': 'Wrong type.',
'attributes': {
'title': 'child',
'description': 'this is a child project',
'category': 'project',
}
}
}
res = app.post_json_api(url, child, auth=user.auth, expect_errors=True)
assert res.status_code == 409
assert res.json['errors'][0][
'detail'] == 'This resource has a type of "nodes", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
# test_creates_child_properties_not_nested
child = {
'data': {
'attributes': {
'title': 'child',
'description': 'this is a child project'
},
'category': 'project'
}
}
res = app.post_json_api(url, child, auth=user.auth, expect_errors=True)
assert res.status_code == 400
assert res.json['errors'][0]['detail'] == 'This field may not be null.'
assert res.json['errors'][0]['source']['pointer'] == '/data/type'
assert res.json['errors'][1]['detail'] == 'This field is required.'
assert res.json['errors'][1]['source'][
'pointer'] == '/data/attributes/category'
def test_write_contrib_cannot_set_primary_file(self):
user_two = AuthUserFactory()
self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True)
new_file = test_utils.create_test_file(self.preprint.node, 'openupthatwindow.pdf')
data = {
'data':{
'type': 'primary_file',
'id': self.preprint._id,
'attributes': {},
'relationships': {
'primary_file': {
'data': {
'type': 'file',
'id': new_file._id
}
}
}
}
}
res = self.app.patch_json_api(self.url, data, auth=user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def get_current_user_can_comment(self, obj):
user = self.context['request'].user
auth = Auth(user if not user.is_anonymous else None)
if isinstance(obj.target, AbstractNode):
return obj.target.can_comment(auth)
return False
def private_meeting_submission(self, meeting, user):
submission = ProjectFactory(title='Submission One', is_public=False)
meeting.submissions.add(submission)
submission.add_tag('poster', Auth(user))
return submission
def create(self, validated_data):
auth = Auth(self.context['request'].user)
node = self.context['view'].get_node()
addon = self.context['request'].parser_context['kwargs']['provider']
return node.get_or_add_addon(addon, auth=auth)
def _create(cls,
target_class,
project=None,
is_public=False,
schema=None,
data=None,
archive=False,
embargo=None,
registration_approval=None,
retraction=None,
*args,
**kwargs):
user = None
if project:
user = project.creator
user = kwargs.pop(
'user', None) or kwargs.get('creator') or user or UserFactory()
kwargs['creator'] = user
# Original project to be registered
project = project or target_class(*args, **kwargs)
if project.has_permission(user, 'admin'):
project.add_contributor(
contributor=user,
permissions=permissions.CREATOR_PERMISSIONS,
log=False,
save=False)
project.save()
# Default registration parameters
schema = schema or get_default_metaschema()
data = data or {'some': 'data'}
auth = Auth(user=user)
register = lambda: project.register_node(
schema=schema, auth=auth, data=data)
def add_approval_step(reg):
if embargo:
reg.embargo = embargo
elif registration_approval:
reg.registration_approval = registration_approval
elif retraction:
reg.retraction = retraction
else:
reg.require_approval(reg.creator)
reg.save()
reg.sanction.add_authorizer(reg.creator, reg)
reg.sanction.save()
with patch('framework.celery_tasks.handlers.enqueue_task'):
reg = register()
add_approval_step(reg)
if not archive:
with patch.object(reg.archive_job, 'archive_tree_finished',
Mock(return_value=True)):
archive_job = reg.archive_job
archive_job.status = ARCHIVER_SUCCESS
archive_job.done = True
reg.sanction.state = Sanction.APPROVED
reg.sanction.save()
if is_public:
reg.is_public = True
reg.save()
return reg
def node_linking_public(self, user_two, node_private, node_public):
node_linking_public = NodeFactory(is_public=True, creator=user_two)
node_linking_public.add_pointer(node_private, auth=Auth(user_two))
node_linking_public.add_pointer(node_public, auth=Auth(user_two))
return node_linking_public
def node_linking_private(self, user, node_private):
node_linking_private = NodeFactory(creator=user)
node_linking_private.add_pointer(node_private, auth=Auth(user))
return node_linking_private
def node_contrib(self, user, user_two):
node_contrib = NodeFactory(creator=user_two)
node_contrib.add_contributor(user, auth=Auth(user_two))
node_contrib.save()
return node_contrib
def setUp(self):
super(ApiSearchTestCase, self).setUp()
self.user = AuthUserFactory()
self.user_one = AuthUserFactory(fullname='Kanye Omari West')
self.user_one.schools = [{
'degree': 'English',
'institution': 'Chicago State University'
}]
self.user_one.jobs = [{
'title': 'Producer',
'institution': 'GOOD Music, Inc.'
}]
self.user_one.save()
self.user_two = AuthUserFactory(fullname='Chance The Rapper')
self.institution = InstitutionFactory(name='Social Experiment')
self.user_two.affiliated_institutions.add(self.institution)
self.user_two.save()
# self.institution.save()
self.project = ProjectFactory(title='The Life of Pablo',
creator=self.user_one,
is_public=True)
self.project.set_description('Name one genius who ain\'t crazy',
auth=Auth(self.user_one),
save=True)
self.project.add_tag('Yeezus', auth=Auth(self.user_one), save=True)
self.project_two = ProjectFactory(title='Graduation',
creator=self.user_one,
is_public=True)
self.private_project = ProjectFactory(title='Coloring Book',
creator=self.user_two)
self.component = NodeFactory(parent=self.project,
title='Ultralight Beam',
creator=self.user_two,
is_public=True)
self.component.set_description('This is my part, nobody else speak',
auth=Auth(self.user_two),
save=True)
self.component.add_tag('trumpets', auth=Auth(self.user_two), save=True)
self.component_two = NodeFactory(parent=self.project,
title='Highlights',
creator=self.user_one,
is_public=True)
self.private_component = NodeFactory(parent=self.project,
title='Wavves',
creator=self.user_one)
self.file = utils.create_test_file(self.component,
self.user_one,
filename='UltralightBeam.mp3')
self.file_two = utils.create_test_file(self.component_two,
self.user_one,
filename='Highlights.mp3')
self.private_file = utils.create_test_file(self.private_component,
self.user_one,
filename='Wavves.mp3')
def test_not_has_permission_not_logged_in(self):
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, Auth(), 'download', None)
assert_equal(exc_info.exception.code, 401)
def test_not_has_permission_logged_in(self):
user2 = AuthUserFactory()
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, Auth(user=user2), 'download', None)
assert_equal(exc_info.exception.code, 403)
def test_forked_project_no_wiki_pages(self):
fork = self.project.fork_node(auth=Auth(self.user))
main()
assert_equal(fork.wiki_pages_versions, {})
assert_equal(fork.wiki_pages_current, {})
def _create(cls, target_class, *args, **kwargs):
update_task_patcher = mock.patch(
'website.preprints.tasks.on_preprint_updated.si')
update_task_patcher.start()
finish = kwargs.pop('finish', True)
is_published = kwargs.pop('is_published', True)
instance = cls._build(target_class, *args, **kwargs)
doi = kwargs.pop('doi', None)
license_details = kwargs.pop('license_details', None)
filename = kwargs.pop('filename', None) or 'preprint_file.txt'
subjects = kwargs.pop('subjects', None) or [[SubjectFactory()._id]]
instance.node.preprint_article_doi = doi
instance.reviews_state = kwargs.pop('reviews_state', 'initial')
user = kwargs.pop('creator', None) or instance.node.creator
if not instance.node.is_contributor(user):
instance.node.add_contributor(
contributor=user,
permissions=permissions.CREATOR_PERMISSIONS,
log=False,
save=True)
preprint_file = OsfStorageFile.create(
node=instance.node,
path='/{}'.format(filename),
name=filename,
materialized_path='/{}'.format(filename))
preprint_file.save()
from addons.osfstorage import settings as osfstorage_settings
preprint_file.create_version(
user, {
'object': '06d80e',
'service': 'cloud',
osfstorage_settings.WATERBUTLER_RESOURCE: 'osf',
}, {
'size': 1337,
'contentType': 'img/png'
}).save()
if finish:
auth = Auth(user)
instance.set_primary_file(preprint_file, auth=auth, save=True)
instance.set_subjects(subjects, auth=auth)
if license_details:
instance.set_preprint_license(license_details, auth=auth)
create_task_patcher = mock.patch(
'website.preprints.tasks.get_and_set_preprint_identifiers.si')
mock_create_identifier = create_task_patcher.start()
if is_published:
mock_create_identifier.side_effect = sync_set_identifiers(
instance)
instance.set_published(is_published, auth=auth)
create_task_patcher.stop()
if not instance.is_published:
instance.node._has_abandoned_preprint = True
instance.node.save()
instance.save()
return instance
def test_bulk_creates_children_child_logged_in_write_contributor(self, app, user, project, child_one, child_two, url):
write_contrib = AuthUserFactory()
project.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], auth=Auth(user), save=True)
res = app.post_json_api(url, {'data': [child_one, child_two]}, auth=write_contrib.auth, bulk=True)
assert res.status_code == 201
assert res.json['data'][0]['attributes']['title'] == child_one['attributes']['title']
assert res.json['data'][0]['attributes']['description'] == child_one['attributes']['description']
assert res.json['data'][0]['attributes']['category'] == child_one['attributes']['category']
assert res.json['data'][1]['attributes']['title'] == child_two['attributes']['title']
assert res.json['data'][1]['attributes']['description'] == child_two['attributes']['description']
assert res.json['data'][1]['attributes']['category'] == child_two['attributes']['category']
project.reload()
child_id = res.json['data'][0]['id']
child_two_id = res.json['data'][1]['id']
nodes = project.nodes
assert child_id == nodes[0]._id
assert child_two_id == nodes[1]._id
assert AbstractNode.load(child_id).logs.latest().action == NodeLog.PROJECT_CREATED
assert nodes[1].logs.latest().action == NodeLog.PROJECT_CREATED
def private_pointer(self, user, private_project, private_pointer_project):
return private_project.add_pointer(private_pointer_project, auth=Auth(user), save=True)
def _create(cls,
target_class,
project=None,
is_public=False,
schema=None,
draft_registration=None,
archive=False,
embargo=None,
registration_approval=None,
retraction=None,
provider=None,
*args,
**kwargs):
user = None
if project:
user = project.creator
user = kwargs.pop(
'user',
None) or kwargs.get('creator') or user or AuthUserFactory()
kwargs['creator'] = user
provider = provider or models.RegistrationProvider.get_default()
# Original project to be registered
project = project or target_class(*args, **kwargs)
if project.is_admin_contributor(user):
project.add_contributor(
contributor=user,
permissions=permissions.CREATOR_PERMISSIONS,
log=False,
save=False)
project.save()
if draft_registration:
schema = draft_registration.registration_schema
else:
schema = schema or get_default_metaschema()
# Default registration parameters
parent_registration = kwargs.get('parent')
if parent_registration:
schema = parent_registration.registration_schema
draft_registration = parent_registration.draft_registration.get()
if not draft_registration:
draft_registration = DraftRegistrationFactory(
branched_from=project,
initator=user,
registration_schema=schema,
provider=provider,
)
auth = Auth(user=user)
register = lambda: project.register_node(schema=schema,
auth=auth,
draft_registration=
draft_registration,
provider=provider,
parent=parent_registration)
def add_approval_step(reg):
if embargo:
reg.embargo = embargo
elif registration_approval:
reg.registration_approval = registration_approval
elif retraction:
reg.retraction = retraction
else:
reg.require_approval(reg.creator)
reg.save()
reg.sanction.add_authorizer(reg.creator, reg)
reg.sanction.save()
with patch('framework.celery_tasks.handlers.enqueue_task'):
reg = register()
add_approval_step(reg)
if not archive:
with patch.object(reg.archive_job, 'archive_tree_finished',
Mock(return_value=True)):
archive_job = reg.archive_job
archive_job.status = ARCHIVER_SUCCESS
archive_job.done = True
archive_job.save()
reg.sanction.state = Sanction.APPROVED
reg.sanction.save()
if is_public:
reg.is_public = True
reg.files_count = reg.registered_from.files.filter(
deleted_on__isnull=True).count()
draft_registration.registered_node = reg
draft_registration.save()
reg.save()
return reg
def public_pointer(self, user, public_project, public_pointer_project):
return public_project.add_pointer(public_pointer_project, auth=Auth(user), save=True)
def test_create_from_node_existing(self, user):
node = factories.ProjectFactory(creator=user)
member = factories.AuthUserFactory()
osf_group = factories.OSFGroupFactory(creator=user)
osf_group.make_member(member, auth=Auth(user))
node.add_osf_group(osf_group, ADMIN)
write_contrib = factories.AuthUserFactory()
subject = factories.SubjectFactory()
institution = factories.InstitutionFactory()
user.affiliated_institutions.add(institution)
title = 'A Study of Elephants'
description = 'Loxodonta africana'
category = 'Methods and Materials'
node.set_title(title, Auth(user))
node.set_description(description, Auth(user))
node.category = category
node.add_contributor(write_contrib, permissions=WRITE)
GPL3 = NodeLicense.objects.get(license_id='GPL3')
NEW_YEAR = '2014'
COPYLEFT_HOLDERS = ['Richard Stallman']
node.set_node_license(
{
'id': GPL3.license_id,
'year': NEW_YEAR,
'copyrightHolders': COPYLEFT_HOLDERS
},
auth=Auth(user),
save=True)
node.add_tag('savanna', Auth(user))
node.add_tag('taxonomy', Auth(user))
node.set_subjects([[subject._id]], auth=Auth(node.creator))
node.affiliated_institutions.add(institution)
node.save()
draft = DraftRegistration.create_from_node(
node=node,
user=user,
schema=factories.get_default_metaschema(),
)
# Assert existing metadata-like node attributes are copied to the draft
assert draft.title == title
assert draft.description == description
assert draft.category == category
assert user in draft.contributors.all()
assert write_contrib not in draft.contributors.all()
assert member not in draft.contributors.all()
assert not draft.has_permission(member, 'read')
assert draft.get_permissions(user) == [READ, WRITE, ADMIN]
assert draft.get_permissions(write_contrib) == []
assert draft.node_license.license_id == GPL3.license_id
assert draft.node_license.name == GPL3.name
assert draft.node_license.copyright_holders == COPYLEFT_HOLDERS
draft_tags = draft.tags.values_list('name', flat=True)
assert 'savanna' in draft_tags
assert 'taxonomy' in draft_tags
assert subject in draft.subjects.all()
assert institution in draft.affiliated_institutions.all()
assert draft.branched_from == node
def node_public(self, registration):
node_public = NodeFactory(is_public=True)
node_public.add_pointer(registration, auth=Auth(node_public.creator))
node_public.save()
return node_public
def test_noncontrib_cannot_set_subjects(self):
user_two = AuthUserFactory()
self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True)
assert_not_equal(self.preprint.subjects[0], self.subject._id)
update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [[self.subject._id]]})
res = self.app.patch_json_api(self.url, update_subjects_payload, auth=user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_not_equal(self.preprint.subjects[0], self.subject._id)
def private_project(self, user, pointer):
private_project = ProjectFactory()
private_project.add_contributor(user, permissions=[permissions.READ, permissions.WRITE])
private_project.add_pointer(pointer, auth=Auth(user), save=True)
private_project.save()
return private_project
def auth(user):
return Auth(user)
def pointer_public(self, user, project_public, project_pointer_public):
return project_public.add_pointer(project_pointer_public,
auth=Auth(user),
save=True)
def private_project(self, user, pointer):
private_project = ProjectFactory(creator=user)
private_project.add_pointer(pointer, auth=Auth(user), save=True)
return private_project
def get_can_edit(self, obj):
user = self.context['request'].user
if user.is_anonymous:
return False
return obj.user._id == user._id and obj.node.can_comment(Auth(user))
def test_remind_prereg_presend_submitted(self, mock_mail, mock_archive, user, prereg):
prereg.register(Auth(user))
prereg.save()
mail = self.queue_mail(mail=PREREG_REMINDER, user=user, draft_id=prereg._id)
assert not mail.send_mail()
def test_cannot_register_draft_that_has_already_been_registered(self, mock_enqueue, app, user, payload, draft_registration, url_registrations):
draft_registration.register(auth=Auth(user), save=True)
res = app.post_json_api(url_registrations, payload, auth=user.auth, expect_errors=True)
assert res.status_code == 403
assert res.json['errors'][0]['detail'] == 'This draft has already been registered and cannot be modified.'
