def handle(self, *args, **options):
try:
model_id = settings.SYSTEM_USER_ID
except AttributeError:
print('The `SYSTEM_USER_ID` settings is missing from '
'the settings file. Set this to a specific ID '
'before running this command.')
return
system_user_name = 'System User'
existing_users = User.objects.filter(pk=model_id)
users_with_name = User.objects.filter(username=system_user_name)
if len(existing_users) == 1 and len(users_with_name) == 1:
print('System user already exists')
elif len(users_with_name) > 0:
print('A user with username "%s" already exists but is not '
'a super user' % system_user_name)
else:
user = User(is_active=False,
username=system_user_name,
pk=model_id)
user.save_base()
print('Created system user')
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******', password='******',
email='*****@*****.**',
organization='org111',
first_name='therem', last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******', password='******',
email='*****@*****.**',
first_name='genly', last_name='ai')
self.user2.save_with_user(self.commander)
self.user3 = User(username='******', password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
self.user4 = User(username='******', password='******',
email='*****@*****.**')
self.user4.save_with_user(self.commander)
self.factory = RequestFactory()
def create_user(*args, **kwargs):
# Clearly this is just getting the api working
# it shouldn't stay here when real user stuff happens
user = User(username=kwargs["username"], email=kwargs["email"])
user.set_password(kwargs["password"])
user.save()
return user
class EcoTest(TestCase):
def setUp(self):
self.factory = RequestFactory()
self.instance, system_user = tm.make_instance_and_system_user()
self.user = User(username="******")
self.user.save_with_user(system_user)
self.user.roles.add(tm.make_commander_role(self.instance))
self.species = Species(symbol='CEDR',
genus='cedrus',
species='atlantica',
max_dbh=2000,
max_height=100)
self.species.save()
p1 = Point(-8515941.0, 4953519.0)
self.plot = Plot(geom=p1,
instance=self.instance,
created_by=self.user)
self.plot.save_with_user(self.user)
self.tree = Tree(plot=self.plot,
instance=self.instance,
readonly=False,
species=self.species,
diameter=1630,
created_by=self.user)
self.tree.save_with_user(self.user)
def test_group_eco(self):
pass # TODO: Once filtering has been enabled
def test_eco_benefit_sanity(self):
req = self.factory.get('/%s/eco/benefit/tree/%s/' %
(self.instance.pk, self.tree.pk))
response = tree_benefits(req,
instance_id=self.instance.pk,
tree_id=self.tree.pk,
region='NoEastXXX')
self.assertEqual(response.status_code, 200)
rslt = json.loads(response.content)
bens = rslt['benefits']
def assertBValue(benefit, unit, value):
self.assertEqual(bens[benefit]['unit'], unit)
self.assertEqual(int(float(bens[benefit]['value'])), value)
assertBValue('energy', 'kwh', 1896)
assertBValue('airquality', 'lbs/year', 6)
assertBValue('stormwater', 'gal', 3185)
assertBValue('co2', 'lbs/year', 563)
def create_mock_system_user():
try:
system_user = User.objects.get(username="******")
except Exception:
system_user = User(username="******",
email='*****@*****.**')
system_user.id = settings.SYSTEM_USER_ID
User._system_user = system_user
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******',
password='******',
email='*****@*****.**',
organization='org111',
first_name='therem',
last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******',
password='******',
email='*****@*****.**',
first_name='genly',
last_name='ai')
self.user2.save_with_user(self.commander)
self.user3 = User(username='******',
password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
self.user4 = User(username='******',
password='******',
email='*****@*****.**')
self.user4.save_with_user(self.commander)
self.factory = RequestFactory()
def _create_test_user(self):
global userUUID
username = '******' % userUUID
email = '*****@*****.**' % username
userUUID += 1
User.objects.filter(email=email).delete()
u = User(username=username, email=email)
u.set_password(username)
u.save()
setattr(u, 'plain_password', username)
return u
def setUp(self):
self.factory = RequestFactory()
self.instance, system_user = tm.make_instance_and_system_user()
self.user = User(username="******")
self.user.save_with_user(system_user)
self.user.roles.add(tm.make_commander_role(self.instance))
self.species = Species(symbol='CEDR',
genus='cedrus',
species='atlantica',
max_dbh=2000,
max_height=100)
self.species.save()
p1 = Point(-8515941.0, 4953519.0)
self.plot = Plot(geom=p1,
instance=self.instance,
created_by=self.user)
self.plot.save_with_user(self.user)
self.tree = Tree(plot=self.plot,
instance=self.instance,
readonly=False,
species=self.species,
diameter=1630,
created_by=self.user)
self.tree.save_with_user(self.user)
def merge_species(request, instance):
species_to_delete_id = request.REQUEST['species_to_delete']
species_to_replace_with_id = request.REQUEST['species_to_replace_with']
species_to_delete = get_object_or_404(Species,
instance=instance,
pk=species_to_delete_id)
species_to_replace_with = get_object_or_404(Species,
instance=instance,
pk=species_to_replace_with_id)
if species_to_delete.pk == species_to_replace_with.pk:
return HttpResponse(json.dumps(
{"error": "Must pick different species"}),
content_type='application/json',
status=400)
# TODO: .update_with_user()?
trees_to_update = Tree.objects\
.filter(instance=instance)\
.filter(species=species_to_delete)
for tree in trees_to_update:
tree.species = species_to_replace_with
tree.save_with_system_user_bypass_auth()
species_to_delete.delete_with_user(request.user)
# Force a tree count update
species_to_replace_with.tree_count = 0
species_to_replace_with.save_with_user(User.system_user())
return HttpResponse(json.dumps({"status": "ok"}),
content_type='application/json')
def save_treephoto(migration_rules, migration_event, treephoto_path,
model_dict, treephoto_obj, instance, **kwargs):
if model_dict['fields']['tree'] == models.UNBOUND_MODEL_ID:
treephoto_obj = None
pk = models.UNBOUND_MODEL_ID
else:
image = open(os.path.join(treephoto_path,
model_dict['fields']['photo']))
treephoto_obj.set_image(image)
treephoto_obj.map_feature_id = (Tree
.objects
.values_list('plot__id', flat=True)
.get(pk=treephoto_obj.tree_id))
del model_dict['fields']['photo']
treephoto_obj.save_with_user_without_verifying_authorization(
User.system_user())
pk = treephoto_obj.pk
OTM1ModelRelic.objects.create(
instance=instance,
migration_event=migration_event,
otm1_model_id=model_dict['pk'],
otm2_model_name='treephoto',
otm2_model_id=pk)
return treephoto_obj
def save_species(migration_rules, migration_event,
species_dict, species_obj, instance,
**kwargs):
non_migrated_species = Species.objects.raw("""
SELECT *
FROM treemap_species
WHERE instance_id=%(instance_id)s
AND id not in
(SELECT otm2_model_id
FROM otm1_migrator_otm1modelrelic
WHERE otm2_model_name='species'
AND instance_id=%(instance_id)s)
""" % {'instance_id': instance.pk})
if len(list(non_migrated_species)) > 0:
raise MigrationException("You cannot migrate species, at all, "
"if any species for this instance are "
"not the result of a migration. This is "
"necessary to avoid record duplication.")
species_obj.save_with_user_without_verifying_authorization(
User.system_user())
OTM1ModelRelic.objects.create(
instance=instance,
migration_event=migration_event,
otm1_model_id=species_dict['pk'],
otm2_model_name='species',
otm2_model_id=species_obj.pk)
return species_obj
def merge_species(request, instance):
species_to_delete_id = request.REQUEST['species_to_delete']
species_to_replace_with_id = request.REQUEST['species_to_replace_with']
species_to_delete = get_object_or_404(
Species, instance=instance, pk=species_to_delete_id)
species_to_replace_with = get_object_or_404(
Species, instance=instance, pk=species_to_replace_with_id)
if species_to_delete.pk == species_to_replace_with.pk:
return HttpResponse(
json.dumps({"error": "Must pick different species"}),
content_type='application/json',
status=400)
# TODO: .update_with_user()?
trees_to_update = Tree.objects\
.filter(instance=instance)\
.filter(species=species_to_delete)
for tree in trees_to_update:
tree.species = species_to_replace_with
tree.save_with_system_user_bypass_auth()
species_to_delete.delete_with_user(request.user)
# Force a tree count update
species_to_replace_with.tree_count = 0
species_to_replace_with.save_with_user(User.system_user())
return HttpResponse(
json.dumps({"status": "ok"}),
content_type='application/json')
def setUp(self):
instance = make_instance()
user = make_admin_user(instance)
species = Species(instance=instance, genus="g1", species="", cultivar="", max_diameter=50.0, max_height=100.0)
species.save_with_user(User.system_user())
login(self.client, user.username)
def create_override(species_obj, species_dict):
for region in ['NoEastXXX', 'PiedmtCLT']:
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=region),
itree_code=species_dict['fields']['itree_code'])
override.save_with_user(User.system_user())
return species_obj
def create_override(species_obj, species_dict):
for region in ['NoEastXXX', 'PiedmtCLT']:
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=region),
itree_code=species_dict['fields']['itree_code'])
override.save_with_user(User.system_user())
return species_obj
def create_user(request):
data = json.loads(request.body)
errors = {}
for field in REQ_FIELDS:
if field not in data:
errors[field] = [_('This field is required')]
for inputfield in data:
if inputfield not in ALL_FIELDS:
errors[inputfield] = [_('Unrecognized field')]
if errors:
raise ValidationError(errors)
dup_username = User.objects.filter(username=data['username'])
dup_email = User.objects.filter(email=data['email'])
if dup_username.exists():
return _conflict_response(_('Username is already in use'))
if dup_email.exists():
# BE WARNED - The iOS application relies on this error message string.
# If you change this you WILL NEED TO ALTER CODE THERE AS WELL.
return _conflict_response(_('Email is already in use'))
user = User(**data)
# Needed to properly hash the password
user.set_password(data['password'])
user.active = True
user.save()
RegistrationProfile.objects.create_profile(user)
return {'status': 'success', 'id': user.pk}
def setUp(self):
instance = make_instance()
user = make_admin_user(instance)
species = Species(instance=instance, genus='g1', species='',
cultivar='', max_diameter=50.0, max_height=100.0)
species.save_with_user(User.system_user())
login(self.client, user.username)
def setup_env(self, *args, **options):
""" Create some seed data """
instance = Instance.objects.get(pk=options['instance'])
try:
user = User.system_user()
except User.DoesNotExist:
self.stdout.write('Error: Could not find a superuser to use')
return 1
instance_user = user.get_instance_user(instance)
if instance_user is None:
r = Role(name='global', rep_thresh=0, instance=instance)
r.save()
instance_user = InstanceUser(instance=instance,
user=user,
role=r)
instance_user.save_with_user(user)
self.stdout.write('Added system user to instance with global role')
for field in Plot._meta.get_all_field_names():
_, c = FieldPermission.objects.get_or_create(
model_name='Plot',
field_name=field,
role=instance_user.role,
instance=instance,
permission_level=FieldPermission.WRITE_DIRECTLY)
if c:
self.stdout.write('Created plot permission for field "%s"'
% field)
for field in Tree._meta.get_all_field_names():
_, c = FieldPermission.objects.get_or_create(
model_name='Tree',
field_name=field,
role=instance_user.role,
instance=instance,
permission_level=FieldPermission.WRITE_DIRECTLY)
if c:
self.stdout.write('Created tree permission for field "%s"'
% field)
dt = 0
dp = 0
if options.get('delete', False):
for t in Tree.objects.all():
t.delete_with_user(user)
dt += 1
for p in Plot.objects.all():
p.delete_with_user(user)
dp += 1
self.stdout.write("Deleted %s trees and %s plots" % (dt, dp))
return instance, user
def setup_env(self, *args, **options):
""" Create some seed data """
if options['instance']:
instance = Instance.objects.get(pk=options['instance'])
elif options['instance_url_name']:
instance = Instance.objects.get(
url_name=options['instance_url_name'])
else:
raise Exception("must provide instance")
try:
user = User.system_user()
except User.DoesNotExist:
self.stdout.write('Error: Could not find a superuser to use')
return 1
instance_user = user.get_instance_user(instance)
if instance_user is None:
r = Role.objects.get_or_create(name=Role.ADMINISTRATOR,
rep_thresh=0,
instance=instance,
default_permission=3)
instance_user = InstanceUser(instance=instance,
user=user,
role=r[0])
instance_user.save_with_user(user)
self.stdout.write(
'Added system user to instance with ADMINISTRATOR role')
add_default_permissions(instance)
dt = 0
dp = 0
if options.get('delete', False):
for t in Tree.objects.all():
t.delete_with_user(user)
dt += 1
for p in Plot.objects.all():
p.delete_with_user(user)
dp += 1
self.stdout.write("Deleted %s trees and %s plots" % (dt, dp))
dr = 0
if options.get('delete_resources', False):
for f in MapFeature.objects.all():
if f.feature_type != 'Plot':
f.delete_with_user(user)
dr += 1
self.stdout.write("Deleted %s resources" % dr)
return instance, user
def setup_env(self, *args, **options):
""" Create some seed data """
if options['instance']:
instance = Instance.objects.get(pk=options['instance'])
elif options['instance_url_name']:
instance = Instance.objects.get(
url_name=options['instance_url_name'])
else:
raise Exception("must provide instance")
try:
user = User.system_user()
except User.DoesNotExist:
self.stdout.write('Error: Could not find a superuser to use')
return 1
instance_user = user.get_instance_user(instance)
if instance_user is None:
r = Role.objects.get_or_create(name=Role.ADMINISTRATOR,
rep_thresh=0,
instance=instance,
default_permission=3)
instance_user = InstanceUser(instance=instance,
user=user,
role=r[0])
instance_user.save_with_user(user)
self.stdout.write(
'Added system user to instance with ADMINISTRATOR role')
add_default_permissions(instance)
dt = 0
dp = 0
if options.get('delete', False):
for t in Tree.objects.all():
t.delete_with_user(user)
dt += 1
for p in Plot.objects.all():
p.delete_with_user(user)
dp += 1
self.stdout.write("Deleted %s trees and %s plots" % (dt, dp))
dr = 0
if options.get('delete_resources', False):
for f in MapFeature.objects.all():
if f.feature_type != 'Plot':
f.delete_with_user(user)
dr += 1
self.stdout.write("Deleted %s resources" % dr)
return instance, user
def create_override(species_obj, species_dict):
itree_code = species_dict['fields'].get('itree_code', None)
if not itree_code:
raise MigrationException("species_dict missing itree_code: " +
str(species_dict))
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=TREEZILLA_ITREE_REGION_CODE),
itree_code=itree_code)
override.save_with_user(User.system_user())
return species_obj
def create_override(species_obj, species_dict):
itree_code = species_dict['fields'].get('itree_code', None)
if not itree_code:
raise MigrationException("species_dict missing itree_code: " +
str(species_dict))
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=TREEZILLA_ITREE_REGION_CODE),
itree_code=itree_code)
override.save_with_user(User.system_user())
return species_obj
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(
username="******",
password="******",
email="*****@*****.**",
organization="karhide",
first_name="therem",
last_name="⅀straven",
)
self.user1.save_with_user(self.commander)
self.user2 = User(
username="******",
password="******",
email="*****@*****.**",
first_name="genly",
last_name="ai",
allow_email_contact=True,
)
self.user2.save_with_user(self.commander)
self.user3 = User(username="******", password="******", email="*****@*****.**")
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance, user=self.user1, role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance, user=self.user2, role=role)
iuser2.save_with_user(self.user2)
self.plot = Plot(geom=self.instance.center, readonly=False, instance=self.instance, width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
def create_user(request):
data = json.loads(request.body)
errors = {}
for field in REQ_FIELDS:
if field not in data:
errors[field] = [trans('This field is required')]
for inputfield in data:
if inputfield not in ALL_FIELDS:
errors[inputfield] = [trans('Unrecognized field')]
if errors:
raise ValidationError(errors)
dup_username = User.objects.filter(username=data['username'])
dup_email = User.objects.filter(email=data['email'])
if dup_username.exists():
return _conflict_response(trans('Username is already in use'))
if dup_email.exists():
# BE WARNED - The iOS application relies on this error message string.
# If you change this you WILL NEED TO ALTER CODE THERE AS WELL.
return _conflict_response(trans('Email is already in use'))
user = User(**data)
# Needed to properly hash the password
user.set_password(data['password'])
user.active = True
user.save()
RegistrationProfile.objects.create_profile(user)
return {'status': 'success', 'id': user.pk}
def create_override(species_obj, species_dict):
itree_code = species_dict['fields'].get('itree_code', None)
if not itree_code:
sci_name = species_dict['fields'].get('scientific_name', '').lower()
print('No itree_code for "%d: %s"' % (species_dict['pk'], sci_name))
itree_code = meta_species.get(sci_name, '')
print('Looked up meta species "%s"' % itree_code)
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=TAMPA_ITREE_REGION_CODE),
itree_code=itree_code)
override.save_with_user(User.system_user())
return species_obj
def create_mock_system_user():
try:
system_user = User.objects.get(id=settings.SYSTEM_USER_ID)
except Exception:
system_user = User(username="******",
email='*****@*****.**')
system_user.id = settings.SYSTEM_USER_ID
system_user.set_password('password')
system_user.save_base()
User._system_user = system_user
def create_override(species_obj, species_dict):
itree_code = species_dict['fields'].get('itree_code', None)
if not itree_code:
sci_name = species_dict['fields'].get('scientific_name', '').lower()
print('No itree_code for "%d: %s"' % (species_dict['pk'], sci_name))
itree_code = meta_species.get(sci_name, '')
print('Looked up meta species "%s"' % itree_code)
override = ITreeCodeOverride(
instance_species_id=species_obj.pk,
region=ITreeRegion.objects.get(code=TAMPA_ITREE_REGION_CODE),
itree_code=itree_code)
override.save_with_user(User.system_user())
return species_obj
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******', password='******',
email='*****@*****.**',
organization='org111',
first_name='therem', last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******', password='******',
email='*****@*****.**',
first_name='genly', last_name='ai',
allow_email_contact=True)
self.user2.save_with_user(self.commander)
self.user3 = User(username='******', password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance, user=self.user1,
role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance, user=self.user2,
role=role)
iuser2.save_with_user(self.user2)
pt = Point(0, 0)
self.plot = Plot(geom=pt, readonly=False, instance=self.instance,
width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
def save_species(migration_rules, migration_event,
species_dict, species_obj, instance):
species_obj.otm_code = otm_code_search(species_dict['fields']) or ''
species_obj.save_with_user_without_verifying_authorization(
User.system_user())
OTM1ModelRelic.objects.create(
instance=instance,
migration_event=migration_event,
otm1_model_id=species_dict['pk'],
otm2_model_name='species',
otm2_model_id=species_obj.pk)
return species_obj
def _map_feature_audits(user,
instance,
feature,
filters=None,
cudf_filters=None):
if filters is None:
filters = []
if cudf_filters is None:
cudf_filters = []
readable_plot_fields = feature.visible_fields(user)
feature_filter = Q(
model=feature.feature_type,
model_id=feature.pk,
field__in=readable_plot_fields)
filters.append(feature_filter)
feature_collection_udfs_filter = Q(
model__in=feature.visible_collection_udfs_audit_names(user),
model_id__in=feature.collection_udfs_audit_ids())
cudf_filters.append(feature_collection_udfs_filter)
# Seems to be much faster to do three smaller
# queries here instead of ORing them together
# (about a 50% inprovement!)
# TODO: Verify this is still the case now that we are also getting
# collection udf audits
iaudit = Audit.objects\
.filter(instance=instance)\
.exclude(user=User.system_user())
audits = []
for afilter in filters:
audits += list(iaudit.filter(afilter).order_by('-created')[:5])
# UDF collection audits have some fields which aren't very useful to show
udf_collection_exclude_filter = Q(
field__in=['model_id', 'field_definition'])
for afilter in cudf_filters:
audits += list(
iaudit.filter(afilter).exclude(udf_collection_exclude_filter).
order_by('-created')[:5])
audits = sorted(audits, key=lambda audit: audit.updated, reverse=True)[:5]
return audits
def _map_feature_audits(user,
instance,
feature,
filters=None,
cudf_filters=None):
if filters is None:
filters = []
if cudf_filters is None:
cudf_filters = []
readable_plot_fields = feature.visible_fields(user)
feature_filter = Q(model=feature.feature_type,
model_id=feature.pk,
field__in=readable_plot_fields)
filters.append(feature_filter)
feature_collection_udfs_filter = Q(
model__in=feature.visible_collection_udfs_audit_names(user),
model_id__in=feature.collection_udfs_audit_ids())
cudf_filters.append(feature_collection_udfs_filter)
# Seems to be much faster to do three smaller
# queries here instead of ORing them together
# (about a 50% inprovement!)
# TODO: Verify this is still the case now that we are also getting
# collection udf audits
iaudit = Audit.objects\
.filter(instance=instance)\
.exclude(user=User.system_user())
audits = []
for afilter in filters:
audits += list(iaudit.filter(afilter).order_by('-created')[:5])
# UDF collection audits have some fields which aren't very useful to show
udf_collection_exclude_filter = Q(
field__in=['model_id', 'field_definition'])
for afilter in cudf_filters:
audits += list(
iaudit.filter(afilter).exclude(
udf_collection_exclude_filter).order_by('-created')[:5])
audits = sorted(audits, key=lambda audit: audit.updated, reverse=True)[:5]
return audits
def create_mock_system_user():
try:
system_user = User.objects.get(id=settings.SYSTEM_USER_ID)
except Exception:
system_user = User(username="******",
email='*****@*****.**')
system_user.id = settings.SYSTEM_USER_ID
system_user.set_password('password')
system_user.save_base()
User._system_user = system_user
class UserExportsTestCase(OTMTestCase):
def assertUserJSON(self, data, expectations):
for key, expectation in expectations.items():
value = data[key]
self.assertEqual(
expectation, value,
"failure for key '%s': expected '%s', found '%s'" %
(key, expectation, value))
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******',
password='******',
email='*****@*****.**',
organization='karhide',
first_name='therem',
last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******',
password='******',
email='*****@*****.**',
first_name='genly',
last_name='ai',
allow_email_contact=True)
self.user2.save_with_user(self.commander)
self.user3 = User(username='******',
password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance,
user=self.user1,
role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance,
user=self.user2,
role=role)
iuser2.save_with_user(self.user2)
self.plot = Plot(geom=self.instance.center,
readonly=False,
instance=self.instance,
width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
def find_user_to_save_with(migration_rules, model):
model_name = model.__class__.__name__.lower()
user_field_to_try = (migration_rules[model_name].get('dependencies',
{}).get('user', None))
if user_field_to_try:
potential_user_id = getattr(model, user_field_to_try, None)
else:
potential_user_id = None
try:
user = User.objects.get(pk=potential_user_id)
except User.DoesNotExist:
user = User.system_user()
return user
def find_user_to_save_with(migration_rules, model):
model_name = model.__class__.__name__.lower()
user_field_to_try = (migration_rules[model_name]
.get('dependencies', {})
.get('user', None))
if user_field_to_try:
potential_user_id = getattr(model, user_field_to_try, None)
else:
potential_user_id = None
try:
user = User.objects.get(pk=potential_user_id)
except User.DoesNotExist:
user = User.system_user()
return user
def save_plot(migration_rules, migration_event,
plot_dict, plot_obj, instance):
if plot_dict['fields']['present'] is False:
plot_obj = None
pk = models.UNBOUND_MODEL_ID
else:
plot_obj.save_with_user_without_verifying_authorization(
User.system_user())
pk = plot_obj.pk
OTM1ModelRelic.objects.create(
instance=instance,
migration_event=migration_event,
otm1_model_id=plot_dict['pk'],
otm2_model_name='plot',
otm2_model_id=pk)
return plot_obj
def save_tree(migration_rules, migration_event,
tree_dict, tree_obj, instance,
**kwargs):
if ((tree_dict['fields']['present'] is False or
tree_dict['fields']['plot'] == models.UNBOUND_MODEL_ID)):
tree_obj = None
pk = models.UNBOUND_MODEL_ID
else:
tree_obj.save_with_user_without_verifying_authorization(
User.system_user())
pk = tree_obj.pk
OTM1ModelRelic.objects.create(
instance=instance,
migration_event=migration_event,
otm1_model_id=tree_dict['pk'],
otm2_model_name='tree',
otm2_model_id=pk)
return tree_obj
class UserExportsTestCase(OTMTestCase):
def assertUserJSON(self, data, expectations):
for key, expectation in expectations.items():
value = data[key]
self.assertEqual(
expectation, value, "failure for key '%s': expected '%s', found '%s'" % (key, expectation, value)
)
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(
username="******",
password="******",
email="*****@*****.**",
organization="karhide",
first_name="therem",
last_name="⅀straven",
)
self.user1.save_with_user(self.commander)
self.user2 = User(
username="******",
password="******",
email="*****@*****.**",
first_name="genly",
last_name="ai",
allow_email_contact=True,
)
self.user2.save_with_user(self.commander)
self.user3 = User(username="******", password="******", email="*****@*****.**")
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance, user=self.user1, role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance, user=self.user2, role=role)
iuser2.save_with_user(self.user2)
self.plot = Plot(geom=self.instance.center, readonly=False, instance=self.instance, width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
class UserExportsTestCase(TestCase):
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******',
password='******',
email='*****@*****.**',
organization='org111',
first_name='therem',
last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******',
password='******',
email='*****@*****.**',
first_name='genly',
last_name='ai',
allow_email_contact=True)
self.user2.save_with_user(self.commander)
self.user3 = User(username='******',
password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance,
user=self.user1,
role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance,
user=self.user2,
role=role)
iuser2.save_with_user(self.user2)
pt = Point(0, 0)
self.plot = Plot(geom=pt,
readonly=False,
instance=self.instance,
width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
class UserExportsTestCase(OTMTestCase):
def assertUserJSON(self, data, expectations):
for key, value in expectations.items():
self.assertEqual(data[key], value)
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******', password='******',
email='*****@*****.**',
organization='karhide',
first_name='therem', last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******', password='******',
email='*****@*****.**',
first_name='genly', last_name='ai',
allow_email_contact=True)
self.user2.save_with_user(self.commander)
self.user3 = User(username='******', password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
role = make_commander_role(self.instance)
iuser1 = InstanceUser(instance=self.instance, user=self.user1,
role=role)
iuser1.save_with_user(self.user1)
iuser2 = InstanceUser(instance=self.instance, user=self.user2,
role=role)
iuser2.save_with_user(self.user2)
pt = Point(0, 0)
self.plot = Plot(geom=pt, readonly=False, instance=self.instance,
width=4)
self.plot.save_with_user(self.user1)
self.tree = Tree(instance=self.instance, plot=self.plot, diameter=3)
self.tree.save_with_user(self.user2)
def create_user(request):
data = json.loads(request.body)
if 'allow_email_contact' not in data:
data['allow_email_contact'] = False
errors = {}
for field in REQ_FIELDS:
if field not in data:
errors[field] = [trans('This field is required')]
for inputfield in data:
if inputfield not in ALL_FIELDS:
errors[inputfield] = [trans('Unrecognized field')]
if errors:
raise ValidationError(errors)
dup_username = User.objects.filter(username=data['username'])
dup_email = User.objects.filter(email=data['email'])
if dup_username.exists():
return _conflict_response(trans('Username is already in use'))
if dup_email.exists():
return _conflict_response(trans('Email is already in use'))
user = User(**data)
# Needed to properly hash the password
user.set_password(data['password'])
user.active = True
user.save()
RegistrationProfile.objects.create_profile(user)
return {'status': 'success', 'id': user.pk}
def create_user(request):
data = json.loads(request.body)
if 'allow_email_contact' not in data:
data['allow_email_contact'] = False
errors = {}
for field in REQ_FIELDS:
if field not in data:
errors[field] = [trans('This field is required')]
for inputfield in data:
if inputfield not in ALL_FIELDS:
errors[inputfield] = [trans('Unrecognized field')]
if errors:
raise ValidationError(errors)
dup_username = User.objects.filter(username=data['username'])
dup_email = User.objects.filter(email=data['email'])
if dup_username.exists():
return _conflict_response(trans('Username is already in use'))
if dup_email.exists():
return _conflict_response(trans('Email is already in use'))
user = User(**data)
# Needed to properly hash the password
user.set_password(data['password'])
user.active = True
user.save()
RegistrationProfile.objects.create_profile(user)
return {'status': 'success', 'id': user.pk}
def tests_works_when_normal_save_fails(self):
self.plot = self.plot
self.plot.width = 444
with self.assertRaises(AuthorizeException):
self.plot.save_with_user(User.system_user())
self.plot.save_with_system_user_bypass_auth()
def commit_row(self):
is_valid = self.validate_row()
if not is_valid or not self.merged:
return # not ready to commit
if self.status == SpeciesImportRow.SUCCESS:
return # nothing changed so no need to commit
# Get our data
data = self.cleaned
species_edited = False
# Initially grab species from row if it exists and edit it
species = self.species
# If not specified create a new one
if species is None:
species = Species(instance=self.import_event.instance)
# Convert units
self.convert_units(
data, {
fields.species.MAX_DIAMETER:
self.import_event.max_diameter_conversion_factor,
fields.species.MAX_HEIGHT:
self.import_event.max_tree_height_conversion_factor
})
for modelkey, datakey in SpeciesImportRow.SPECIES_MAP.iteritems():
importdata = data.get(datakey, None)
if importdata is not None:
species_edited = True
setattr(species, modelkey, importdata)
# Set OTM code if missing and available
if not species.otm_code:
species_dict = species_for_scientific_name(
species.genus, species.species, species.cultivar,
species.other_part_of_name)
if species_dict:
species_edited = True
species.otm_code = species_dict['otm_code']
if species_edited:
species.save_with_system_user_bypass_auth()
# Make i-Tree code override(s) if necessary
if fields.species.ITREE_PAIRS in data:
for region_code, itree_code in data[fields.species.ITREE_PAIRS]:
if itree_code != species.get_itree_code(region_code):
override = ITreeCodeOverride.objects.get_or_create(
instance_species=species,
region=ITreeRegion.objects.get(code=region_code),
)[0]
override.itree_code = itree_code
override.save_with_user(User.system_user())
self.species = species
self.status = SpeciesImportRow.SUCCESS
self.save()
class UserRolesTest(OTMTestCase):
def setUp(self):
self.instance = make_instance()
self.commander = make_commander_user(self.instance, "comm")
# Note unicode '⅀' is on purpose
self.user1 = User(username='******',
password='******',
email='*****@*****.**',
organization='org111',
first_name='therem',
last_name='⅀straven')
self.user1.save_with_user(self.commander)
self.user2 = User(username='******',
password='******',
email='*****@*****.**',
first_name='genly',
last_name='ai')
self.user2.save_with_user(self.commander)
self.user3 = User(username='******',
password='******',
email='*****@*****.**')
self.user3.save_with_user(self.commander)
self.user4 = User(username='******',
password='******',
email='*****@*****.**')
self.user4.save_with_user(self.commander)
self.factory = RequestFactory()
def _add_user_to_instance_view(self, email):
body = {'email': email}
return create_user_role(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
def test_add_user_to_instance(self):
mail.outbox = []
self.assertIsNone(self.user4.get_instance_user(self.instance))
self._add_user_to_instance_view(self.user4.email)
self.assertIsNotNone(self.user4.get_instance_user(self.instance))
msg = mail.outbox[0]
# Just make sure we have some chars and the
# correct receiver
self.assertGreater(len(msg.subject), 10)
self.assertGreater(len(msg.body), 10)
self.assertEquals(tuple(msg.to), (self.user4.email, ))
def test_email_not_found_creates_invite(self):
self.assertEqual(InstanceInvitation.objects.count(), 0)
mail.outbox = []
email = '*****@*****.**'
body = {'email': email}
create_user_role(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
self.assertEqual(InstanceInvitation.objects.count(), 1)
ii = InstanceInvitation.objects.all()[0]
# Should have email and default role
self.assertEqual(ii.email, email)
self.assertEqual(ii.instance, self.instance)
self.assertEqual(ii.role, self.instance.default_role)
# Should have sent an email to the user
self.assertEqual(len(mail.outbox), 1)
msg = mail.outbox[0]
# Just make sure we have some chars and the
# correct receiver
self.assertGreater(len(msg.subject), 10)
self.assertGreater(len(msg.body), 10)
self.assertEquals(tuple(msg.to), (email, ))
def test_invalid_email(self):
body = {'email': 'asdfasdf@'}
self.assertRaises(
ValidationError, create_user_role,
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
def test_email_already_bound(self):
iuser = InstanceUser(user=self.user1,
instance=self.instance,
role=self.instance.default_role)
iuser.save_with_user(self.commander)
body = {'email': self.user1.email}
self.assertRaises(
ValidationError, create_user_role,
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
def test_email_already_bound_to_invite(self):
email = "*****@*****.**"
invite = InstanceInvitation(email=email,
instance=self.instance,
created_by=self.user4,
role=self.instance.default_role)
invite.save()
body = {'email': email}
self.assertRaises(
ValidationError, create_user_role,
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
def test_invites_updated(self):
email = "*****@*****.**"
invite = InstanceInvitation(email=email,
instance=self.instance,
created_by=self.user4,
role=self.instance.default_role)
invite.save()
new_role = Role(name='Ambassador',
instance=self.instance,
rep_thresh=0)
new_role.save()
body = {'invites': {invite.pk: {'role': new_role.pk}}}
update_user_roles(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
# requery invite
invite = InstanceInvitation.objects.get(pk=invite.pk)
self.assertEqual(invite.role, new_role)
def test_user_roles_updated(self):
iuser = InstanceUser(user=self.user2,
instance=self.instance,
role=self.instance.default_role)
iuser.save_with_user(self.commander)
new_role = Role(name='Ambassador',
instance=self.instance,
rep_thresh=0)
new_role.save()
body = {'users': {iuser.pk: {'role': new_role.pk, 'admin': False}}}
update_user_roles(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
#requery iuser
iuser = InstanceUser.objects.get(pk=iuser.pk)
self.assertEqual(iuser.role, new_role)
self.assertEqual(iuser.admin, False)
body = {'users': {iuser.pk: {'role': new_role.pk, 'admin': True}}}
update_user_roles(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
#requery iuser
iuser = InstanceUser.objects.get(pk=iuser.pk)
self.assertEqual(iuser.role, new_role)
self.assertEqual(iuser.admin, True)
def test_can_change_admin_without_feature(self):
iuser = InstanceUser(user=self.user2,
instance=self.instance,
role=self.instance.default_role)
iuser.save_with_user(self.commander)
body = {'users': {iuser.pk: {'admin': False}}}
update_user_roles(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
#requery iuser
iuser = InstanceUser.objects.get(pk=iuser.pk)
self.assertEqual(iuser.admin, False)
body = {'users': {iuser.pk: {'admin': True}}}
update_user_roles(
make_request(method='POST',
body=json.dumps(body),
user=self.commander), self.instance)
#requery iuser
iuser = InstanceUser.objects.get(pk=iuser.pk)
self.assertEqual(iuser.admin, True)
def setup_env(self, *args, **options):
""" Create some seed data """
if options['instance']:
instance = Instance.objects.get(pk=options['instance'])
elif options['instance_url_name']:
instance = Instance.objects.get(
url_name=options['instance_url_name'])
else:
raise Exception("must provide instance")
try:
user = User.system_user()
except User.DoesNotExist:
self.stdout.write('Error: Could not find a superuser to use')
return 1
instance_user = user.get_instance_user(instance)
if instance_user is None:
r = Role.objects.get_or_create(name=Role.ADMINISTRATOR,
rep_thresh=0,
instance=instance,
default_permission_level=3)
instance_user = InstanceUser(instance=instance,
user=user,
role=r[0])
instance_user.save_with_user(user)
self.stdout.write(
'Added system user to instance with ADMINISTRATOR role')
add_default_permissions(instance)
if options.get('delete', False):
# Can't delete through the ORM because it will pull all the data
# into memory for signal handlers, then run out of memory and crash
# BUT... cascading delete is not handled at the DB level, so we
# need to delete from all related tables in the right order
n_photo = MapFeaturePhoto.objects.filter(instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM treemap_treephoto t
WHERE t.mapfeaturephoto_ptr_id IN
(SELECT id
FROM treemap_mapfeaturephoto p
WHERE p.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
'DELETE FROM treemap_mapfeaturephoto t WHERE t.instance_id = %s', # NOQA
(instance.pk, ))
self.stdout.write("Deleted %s photos" % n_photo)
n_trees = Tree.objects.filter(instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
'DELETE FROM treemap_tree t WHERE t.instance_id = %s',
(instance.pk, ))
self.stdout.write("Deleted %s trees" % n_trees)
n_favorites = Favorite.objects \
.filter(map_feature__instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM treemap_favorite f
WHERE f.map_feature_id IN
(SELECT id
FROM treemap_mapfeature m
WHERE m.instance_id = %s)
""", (instance.pk, ))
self.stdout.write("Deleted %s favorites" % n_favorites)
n_comments = EnhancedThreadedComment.objects \
.filter(instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM otm_comments_enhancedthreadedcommentflag f
WHERE f.comment_id IN
(SELECT threadedcomment_ptr_id
FROM otm_comments_enhancedthreadedcomment c
WHERE c.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM otm_comments_enhancedthreadedcomment c
WHERE c.instance_id = %s
""", (instance.pk, ))
self.stdout.write("Deleted %s comments" % n_comments)
n_rows = TreeImportRow.objects \
.filter(plot__instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
UPDATE importer_treeimportrow r
SET plot_id = NULL
WHERE r.import_event_id IN
(SELECT id
FROM importer_treeimportevent e
WHERE e.instance_id = %s)
""", (instance.pk, ))
self.stdout.write("Nulled out plot in %s import rows" % n_rows)
n_features = MapFeature.objects.filter(instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM treemap_plot p
WHERE p.mapfeature_ptr_id IN
(SELECT id
FROM treemap_mapfeature f
WHERE f.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM stormwater_bioswale b
WHERE b.polygonalmapfeature_ptr_id IN
(SELECT id
FROM treemap_mapfeature f
WHERE f.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM stormwater_raingarden b
WHERE b.polygonalmapfeature_ptr_id IN
(SELECT id
FROM treemap_mapfeature f
WHERE f.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM stormwater_rainbarrel b
WHERE b.mapfeature_ptr_id IN
(SELECT id
FROM treemap_mapfeature f
WHERE f.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM stormwater_polygonalmapfeature b
WHERE b.mapfeature_ptr_id IN
(SELECT id
FROM treemap_mapfeature f
WHERE f.instance_id = %s)
""", (instance.pk, ))
with connection.cursor() as cursor:
cursor.execute(
'DELETE FROM treemap_mapfeature f WHERE f.instance_id = %s', # NOQA
(instance.pk, ))
self.stdout.write("Deleted %s map features" % n_features)
n_audits = Audit.objects.filter(instance=instance).count()
with connection.cursor() as cursor:
cursor.execute(
"""
DELETE FROM treemap_audit a
WHERE a.instance_id = %s
AND a.model NOT IN
('InstanceUser', 'Species', 'ITreeCodeOverride', 'EnhancedInstance')
""", (instance.pk, ))
self.stdout.write("Deleted %s audits" % n_audits)
instance.update_revs('geo_rev', 'eco_rev', 'universal_rev')
return instance, user
def user_roles_list(request, instance):
page = int(request.GET.get('page', '1'))
user_sort = request.GET.get('user_sort', 'user__username')
invite_sort = request.GET.get('invite_sort', 'email')
query = request.GET.get('query', '')
def invite_context(invites):
for invite in invites:
yield {
'id': str(invite.pk),
'username': invite.email,
'role_id': invite.role.pk,
'role_name': invite.role.name,
'admin': invite.admin,
}
def instance_user_context(instance_users):
for instance_user in paged_instance_users:
user = instance_user.user
yield {
'id': str(instance_user.pk),
'username': user.username,
'role_id': instance_user.role.pk,
'role_name': instance_user.role.name,
'admin': instance_user.admin,
'is_owner': does_user_own_instance(instance, user)
}
# The secondary sort on username/email is needed to ensure consistent
# ordering within groupings. Testing shows that things work correctly when
# the supplied sort order is also username/email
invited = instance.instanceinvitation_set \
.select_related('role') \
.filter(accepted=False) \
.order_by(invite_sort, 'email')
instance_users = instance.instanceuser_set \
.select_related('role', 'user') \
.exclude(user=User.system_user()) \
.order_by(user_sort, 'user__username')
if query:
instance_users = instance_users.filter(user__username__icontains=query)
paginator = Paginator(instance_users, 15)
urlizer = UrlParams('user_roles_partial', instance.url_name, page=page,
invite_sort=invite_sort, user_sort=user_sort,
query=query)
try:
paged_instance_users = paginator.page(page)
except EmptyPage:
# If the page number is out of bounds, return the last page
paged_instance_users = paginator.page(paginator.num_pages)
return {
'instance': instance,
'instance_users': instance_user_context(paged_instance_users),
'paged_instance_users': paged_instance_users,
'invited_users': invite_context(invited),
'instance_roles': Role.objects.filter(instance_id=instance.pk),
'page_url': urlizer.url('invite_sort', 'user_sort', 'query'),
'invite_sort_url': urlizer.url('page', 'user_sort', 'query'),
'user_sort_url': urlizer.url('invite_sort', 'query'),
'search_url': urlizer.url('invite_sort', 'user_sort'),
'invite_sort': invite_sort,
'user_sort': user_sort,
}
def get_audits(logged_in_user,
instance,
query_vars,
user,
models,
model_id,
page=0,
page_size=20,
exclude_pending=True,
should_count=False):
start_pos = page * page_size
end_pos = start_pos + page_size
if instance:
if instance.is_accessible_by(logged_in_user):
instances = Instance.objects.filter(pk=instance.pk)
else:
instances = Instance.objects.none()
# If we didn't specify an instance we only want to
# show audits where the user has permission
else:
instances = Instance.objects.filter(
user_accessible_instance_filter(logged_in_user))
if not instances.exists():
# Force no results
return {
'audits': Audit.objects.none(),
'total_count': 0,
'next_page': None,
'prev_page': None
}
map_feature_models = set(MapFeature.subclass_dict().keys())
model_filter = Q()
# We only want to show the TreePhoto's image, not other fields
# and we want to do it automatically if 'Tree' was specified as
# a model. The same goes for MapFeature(s) <-> MapFeaturePhoto
# There is no need to check permissions, because photos are always visible
if 'Tree' in models:
model_filter = model_filter | Q(model='TreePhoto', field='image')
if map_feature_models.intersection(models):
model_filter = model_filter | Q(model='MapFeaturePhoto', field='image')
if logged_in_user == user:
# The logged-in user can see all their own edits
model_filter = model_filter | \
Q(model__in=models) | Q(model__startswith='udf:')
else:
# Filter other users' edits by their visibility to the logged-in user
for inst in instances:
for model in models:
ModelClass = get_auditable_class(model)
if issubclass(ModelClass, Authorizable):
fake_model = ModelClass(instance=inst)
visible_fields = fake_model.visible_fields(logged_in_user)
model_filter = model_filter |\
Q(model=model, field__in=visible_fields, instance=inst)
else:
model_filter = model_filter | Q(model=model, instance=inst)
# Add UDF collections related to model
if model == 'Tree':
fake_model = Tree(instance=inst)
elif model == 'Plot':
fake_model = Plot(instance=inst)
else:
continue
model_collection_udfs_audit_names =\
fake_model.visible_collection_udfs_audit_names(
logged_in_user)
model_filter = model_filter |\
Q(model__in=model_collection_udfs_audit_names)
udf_bookkeeping_fields = Q(model__startswith='udf:',
field__in=('id', 'model_id',
'field_definition'))
audits = (Audit.objects.filter(model_filter).filter(
instance__in=instances).select_related('instance').exclude(
udf_bookkeeping_fields).exclude(user=User.system_user()).order_by(
'-created', 'id'))
if user:
audits = audits.filter(user=user)
if model_id:
audits = audits.filter(model_id=model_id)
if exclude_pending:
audits = audits.exclude(requires_auth=True, ref__isnull=True)
total_count = audits.count() if should_count else 0
audits = audits[start_pos:end_pos]
query_vars = {k: v for (k, v) in query_vars.iteritems() if k != 'page'}
next_page = None
prev_page = None
if audits.count() == page_size:
query_vars['page'] = page + 1
next_page = "?" + urllib.urlencode(query_vars)
if page > 0:
query_vars['page'] = page - 1
prev_page = "?" + urllib.urlencode(query_vars)
return {
'audits': audits,
'total_count': total_count,
'next_page': next_page,
'prev_page': prev_page
}
def make_plain_user(username, password='******'):
user = User(username=username, email='*****@*****.**' % username)
user.set_password(password) # hashes password, allowing authentication
user.save()
return user
def tests_works_when_normal_save_fails(self):
self.plot = self.plot
self.plot.width = 444
with self.assertRaises(AuthorizeException):
self.plot.save_with_user(User.system_user())
self.plot.save_with_system_user_bypass_auth()
def tearDown(self):
self.instance.delete()
self.user.delete_with_user(User.system_user())
super(TreemapUITestCase, self).tearDown()
def get_audits(logged_in_user,
instance,
query_vars,
user=None,
models=ALLOWED_MODELS,
model_id=None,
start_id=None,
prev_start_ids=[],
page_size=PAGE_DEFAULT,
exclude_pending=True,
should_count=False):
if instance:
if instance.is_accessible_by(logged_in_user):
instances = Instance.objects.filter(pk=instance.pk)
else:
instances = Instance.objects.none()
# If we didn't specify an instance we only want to
# show audits where the user has permission
else:
instances = Instance.objects\
.filter(user_accessible_instance_filter(logged_in_user))
if user:
instances = instances.filter(pk__in=_instance_ids_edited_by(user))
instances = instances.distinct()
if not instances.exists():
# Force no results
return {
'audits': Audit.objects.none(),
'total_count': 0,
'next_page': None,
'prev_page': None
}
map_feature_models = set(MapFeature.subclass_dict().keys())
model_filter = Q()
# We only want to show the TreePhoto's image, not other fields
# and we want to do it automatically if 'Tree' was specified as
# a model. The same goes for MapFeature(s) <-> MapFeaturePhoto
# There is no need to check permissions, because photos are always visible
if 'Tree' in models:
model_filter = model_filter | Q(model='TreePhoto', field='image')
if map_feature_models.intersection(models):
model_filter = model_filter | Q(model='MapFeaturePhoto', field='image')
for inst in instances:
eligible_models = ({'Tree', 'TreePhoto', 'MapFeaturePhoto'}
| set(inst.map_feature_types)) & set(models)
if logged_in_user == user:
eligible_udfs = {
'udf:%s' % udf.id
for udf in udf_defs(inst)
if udf.model_type in eligible_models and udf.iscollection
}
# The logged-in user can see all their own edits
model_filter = model_filter | Q(
instance=inst, model__in=(eligible_models | eligible_udfs))
else:
# Filter other users' edits by their visibility to the
# logged-in user
for model in eligible_models:
ModelClass = get_auditable_class(model)
fake_model = ModelClass(instance=inst)
if issubclass(ModelClass, Authorizable):
visible_fields = fake_model.visible_fields(logged_in_user)
model_filter = model_filter |\
Q(model=model, field__in=visible_fields, instance=inst)
else:
model_filter = model_filter | Q(model=model, instance=inst)
if issubclass(ModelClass, UDFModel):
model_collection_udfs_audit_names = (
fake_model.visible_collection_udfs_audit_names(
logged_in_user))
model_filter = model_filter | (Q(
model__in=model_collection_udfs_audit_names))
udf_bookkeeping_fields = Q(model__startswith='udf:',
field__in=('id', 'model_id',
'field_definition'))
audits = (Audit.objects.filter(model_filter).filter(
instance__in=instances).select_related('instance').exclude(
udf_bookkeeping_fields).exclude(
user=User.system_user()).order_by('-pk'))
if user:
audits = audits.filter(user=user)
if model_id:
audits = audits.filter(model_id=model_id)
if exclude_pending:
audits = audits.exclude(requires_auth=True, ref__isnull=True)
# Slicing the QuerySet uses a SQL Limit, which has proven to be quite slow.
# By relying on the fact the our list is ordered by primary key from newest
# to oldest, we can rely on the index on the primary key, which is faster.
if start_id is not None:
audits = audits.filter(pk__lte=start_id)
total_count = audits.count() if should_count else 0
audits = audits[:page_size]
# Coerce the queryset into a list so we can get the last audit row on the
# current page
audits = list(audits)
# We are using len(audits) instead of audits.count() because we
# have already realized the queryset at this point
if len(audits) == page_size:
query_vars.setlist('prev', prev_start_ids + [audits[0].pk])
query_vars['start'] = audits[-1].pk - 1
next_page = "?" + query_vars.urlencode()
else:
next_page = None
if prev_start_ids:
if len(prev_start_ids) == 1:
del query_vars['prev']
del query_vars['start']
else:
prev_start_id = prev_start_ids.pop()
query_vars.setlist('prev', prev_start_ids)
query_vars['start'] = prev_start_id
prev_page = "?" + query_vars.urlencode()
else:
prev_page = None
return {
'audits': audits,
'total_count': total_count,
'next_page': next_page,
'prev_page': prev_page
}
