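def test_owned_dataset_company_users_with_admin_should_edit(self):
        """Org admins may update an org-owned dataset; a non-member may not.

        fred and bob are added to the organization as admins; alice is created
        but never added. ``package_update`` must be granted to fred and bob and
        must raise ``NotAuthorized`` for alice.
        """
        org = factories.Organization()
        fred = factories.User(name='fred')
        bob = factories.User(name='bob')
        alice = factories.User(name='alice')

        for admin in (fred, bob):
            helpers.call_action('organization_member_create',
                                username=admin['name'],
                                role='admin',
                                id=org['id'])

        dataset = factories.Dataset(user=fred, owner_org=org['name'], managing_users="bob")
        params = {'id': dataset['id']}

        # The context user is taken from the factory-created accounts rather
        # than a literal, so every check runs as a user that really exists.
        for allowed in (fred, bob):
            context = {'model': model, 'user': allowed['name']}
            result = helpers.call_auth('package_update', context=context, **params)
            assert result is True

        # Alice is not in the organization. Using her real account name makes
        # the denial come from missing membership, not from an unknown user.
        context = {'model': model, 'user': alice['name']}
        nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth,
                                 'package_update', context=context, **params)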
Example #2
 def test_group_admin_delete_correct_creds(self):
     '''
     A sysadmin is authorized for group_admin_delete.

     The call itself is the check: a denial would surface as NotAuthorized,
     so returning normally is the pass condition.
     '''
     sysadmin_name = factories.Sysadmin()['name']
     helpers.call_auth('group_admin_delete',
                       context={'user': sysadmin_name, 'model': None})
Example #3
 def test_project_admin_list_correct_creds(self):
     '''
     A sysadmin is authorized for ckanext_project_admin_list.

     No return value is inspected; the test passes when the auth call does
     not raise NotAuthorized.
     '''
     sysadmin_name = factories.Sysadmin()['name']
     auth_context = {'user': sysadmin_name, 'model': None}
     helpers.call_auth('ckanext_project_admin_list', context=auth_context)
Example #4
 def test_showcase_admin_remove_correct_creds(self):
     '''
     A sysadmin is authorized for ckanext_showcase_admin_remove.

     The test passes when the auth call returns without raising
     NotAuthorized.
     '''
     sysadmin_name = factories.Sysadmin()['name']
     helpers.call_auth('ckanext_showcase_admin_remove',
                       context={'user': sysadmin_name, 'model': None})
Example #5
 def test_config_option_public_activity_stream_detail(self):
     '''An anonymous caller is authorized for activity stream data/detail.

     NOTE(review): the name refers to a config option, but nothing in this
     method sets one - presumably a config decorator or fixture outside this
     snippet does; confirm. Without it the test would not show that the
     option is what opens this data to anonymous users.
     '''
     dataset = factories.Dataset()
     # user=None stands for a request with no logged-in account.
     anonymous_context = {'user': None, 'model': model}
     helpers.call_auth('package_activity_list',
                       context=anonymous_context,
                       id=dataset['id'],
                       include_data=True)
Example #6
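 def test_project_package_association_delete_sysadmin(self):
     '''
     Calling project package association delete by a sysadmin doesn't
     raise NotAuthorized.

     The docstring previously said "create", but the auth function exercised
     is ckanext_project_package_association_delete.
     '''
     a_sysadmin = factories.Sysadmin()
     context = {'user': a_sysadmin['name'], 'model': None}
     # No assertion on the return value: a denial would raise NotAuthorized.
     helpers.call_auth('ckanext_project_package_association_delete',
                       context=context)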
Example #7
    def test_showcase_package_association_create_showcase_admin(self):
        '''
        A showcase admin is authorized to create a showcase package
        association; the auth call must not raise NotAuthorized.
        '''
        admin_name = factories.User()['name']

        # Promote the plain user to showcase admin before checking access.
        helpers.call_action('ckanext_showcase_admin_add', context={},
                            username=admin_name)

        auth_context = {'user': admin_name, 'model': None}
        helpers.call_auth('ckanext_showcase_package_association_create',
                          context=auth_context)
Example #8
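    def test_project_package_association_delete_project_admin(self):
        '''
        Calling project package association delete by a project admin
        doesn't raise NotAuthorized.

        The docstring previously said "create", but the auth function
        exercised is ckanext_project_package_association_delete.
        '''
        project_admin = factories.User()

        # Make user a project admin
        helpers.call_action('ckanext_project_admin_add', context={},
                            username=project_admin['name'])

        context = {'user': project_admin['name'], 'model': None}
        # No assertion on the return value: a denial would raise NotAuthorized.
        helpers.call_auth('ckanext_project_package_association_delete',
                          context=context)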
Example #9
    def test_sysadmin_user_can_clear(self):
        """A user created with sysadmin=True is granted resource_view_clear."""
        sysadmin = factories.User(sysadmin=True)
        auth_context = {'user': sysadmin['name'], 'model': model}

        assert_equals(
            helpers.call_auth('resource_view_clear', context=auth_context),
            True)
Example #10
    def test_user_update_user_can_update_herself(self):
        '''Users should be authorized to update their own accounts.'''

        # Stand-in for a ckan.model.User object.
        fred = factories.MockUser(name='fred')

        # Stand-in for ckan.model: User.get(user_id) always hands back fred.
        # Passing it through the context avoids patching ckan.model itself.
        mock_model = mock.MagicMock()
        mock_model.User.get.return_value = fred

        # The acting user and the account being edited are the same person:
        # context['user'] equals fred.name and the target id is fred.id.
        context = {'model': mock_model, 'user': fred.name}

        result = helpers.call_auth('user_update', context=context,
                                   id=fred.id, name='updated_user_name')
        assert result is True
Example #11
    def test_group_show__user_is_avail_to_public(self):
        """group_show is granted when the context carries an empty user name."""
        group = factories.Group()
        # An empty string as user: no account is named in the context.
        public_context = {'model': model, 'user': ''}

        granted = helpers.call_auth('group_show', context=public_context,
                                    id=group['name'])
        assert granted
Example #12
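    def test_group_show__deleted_group_is_visible_to_its_member(self):
        """A member of a group is authorized for ``group_show`` on it."""

        fred = factories.User(name="fred")
        # NOTE(review): the group is not created with state="deleted", so
        # despite the test name only the live-group path is exercised here.
        org = factories.Group(users=[fred])
        # Run the check as the member that was just created instead of a
        # literal that names no account.
        context = {"model": model, "user": fred["name"]}

        ret = helpers.call_auth("group_show", context=context, id=org["name"])
        assert ret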
Example #13
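    def test_group_show__deleted_org_is_visible_to_its_member(self):
        """An editor of an organization is authorized for ``group_show``."""

        fred = factories.User(name="fred")
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred["capacity"] = "editor"
        # NOTE(review): the organization is not created with state="deleted",
        # so despite the test name only the live-org path is exercised here.
        org = factories.Organization(users=[fred])
        # Run the check as the member that was just created instead of a
        # literal that names no account.
        context = {"model": model, "user": fred["name"]}

        ret = helpers.call_auth("group_show", context=context, id=org["name"])
        assert ret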
Example #14
 def assert_authorization_passes(self, auth_function_name, user_roles,
                                 project_id, project_id_parameter,
                                 **kwargs):
     """Assert that every role in *user_roles* passes *auth_function_name*.

     The project id is added to the auth call's keyword arguments under the
     key named by *project_id_parameter*; each role is checked with the
     context returned by ``self.get_user_context``.
     """
     kwargs[project_id_parameter] = project_id
     for user_role in user_roles:
         role_context = self.get_user_context(user_role)
         granted = helpers.call_auth(auth_function_name,
                                     context=role_context,
                                     **kwargs)
         assert_true(granted)
Example #15
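    def test_group_show__deleted_group_is_visible_to_its_member(self):
        """A member of a group is authorized for ``group_show`` on it."""

        fred = factories.User(name='fred')
        # NOTE(review): the group is not created with state='deleted', so
        # despite the test name only the live-group path is exercised here.
        org = factories.Group(users=[fred])
        # Run the check as the member that was just created instead of a
        # literal that names no account.
        context = {'model': model, 'user': fred['name']}

        ret = helpers.call_auth('group_show', context=context,
                                id=org['name'])
        assert ret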
Example #16
    def test_authorized_if_user_has_permissions_on_dataset(self):
        """The dataset's creator may create its default resource views."""
        creator = factories.User()
        dataset = factories.Dataset(user=creator)

        auth_context = {'user': creator['name'], 'model': core_model}
        assert_equals(
            helpers.call_auth('package_create_default_resource_views',
                              context=auth_context, package=dataset),
            True)
Example #17
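    def test_group_show__deleted_org_is_visible_to_its_member(self):
        """An editor of a deleted organization still passes ``group_show``."""

        fred = factories.User(name='fred')
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred['capacity'] = 'editor'
        org = factories.Organization(users=[fred], state='deleted')
        # Run the check as the member that was just created instead of a
        # literal that names no account; visibility of a deleted org must be
        # tied to that membership.
        context = {'model': model, 'user': fred['name']}

        ret = helpers.call_auth('group_show', context=context,
                                id=org['name'])
        assert ret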
Example #18
    def test_datastore_search_sql_perms(self):
        """Check who may run ``datastore_search_sql`` against the resource.

        ``self.normal_user`` must be refused with ``NotAuthorized``;
        ``self.org_user`` and ``self.sysadmin`` must be allowed. Each check
        gets its own context with ``table_names`` set to the resource id.
        """
        resource_id = self.resource['id']

        denied_context = self._get_context(self.normal_user)
        denied_context['table_names'] = [resource_id]
        with pytest.raises(toolkit.NotAuthorized):
            core_helpers.call_auth('datastore_search_sql',
                                   context=denied_context,
                                   resource_id=resource_id)

        for allowed_user in (self.org_user, self.sysadmin):
            allowed_context = self._get_context(allowed_user)
            allowed_context['table_names'] = [resource_id]
            assert core_helpers.call_auth('datastore_search_sql',
                                          context=allowed_context,
                                          resource_id=resource_id)
Example #19
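    def test_package_show__deleted_dataset_is_visible_to_editor(self):
        """An org editor is authorized for ``package_show`` on a deleted dataset."""

        fred = factories.User(name="fred")
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred["capacity"] = "editor"
        org = factories.Organization(users=[fred])
        dataset = factories.Dataset(owner_org=org["id"], state="deleted")
        # Run the check as the editor that was just created instead of a
        # literal that names no account; access to a deleted dataset must be
        # tied to that role.
        context = {"model": model, "user": fred["name"]}

        ret = helpers.call_auth("package_show", context=context, id=dataset["name"])
        assert ret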
Example #20
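    def test_group_show__deleted_org_is_visible_to_its_member(self):
        """An editor of an organization is authorized for ``group_show``."""

        fred = factories.User(name='fred')
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred['capacity'] = 'editor'
        # NOTE(review): the organization is not created with state='deleted',
        # so despite the test name only the live-org path is exercised here.
        org = factories.Organization(users=[fred])
        # Run the check as the member that was just created instead of a
        # literal that names no account.
        context = {'model': model, 'user': fred['name']}

        ret = helpers.call_auth('group_show', context=context,
                                id=org['name'])
        assert ret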
Example #21
    def test_authorized_if_user_has_permissions_on_dataset(self):
        """The dataset's creator may create its default resource views."""
        creator = factories.User()
        dataset = factories.Dataset(user=creator)

        auth_context = {'user': creator['name'], 'model': core_model}
        granted = helpers.call_auth('package_create_default_resource_views',
                                    context=auth_context,
                                    package=dataset)
        assert_equals(granted, True)
    def test_run_sysadmin(self, app):
        """A sysadmin is granted ``resource_validation_run`` on a resource."""
        resource = factories.Resource()
        sysadmin = factories.Sysadmin()

        auth_context = {'user': sysadmin['name'], 'model': model}
        granted = call_auth('resource_validation_run',
                            context=auth_context,
                            resource_id=resource['id'])

        assert_equals(granted, True)
Example #23
    def test_sysadmin_is_authorized(self):
        """A sysadmin is granted ``resource_create`` for a resource dict."""
        sysadmin = factories.Sysadmin()
        auth_context = {'user': sysadmin['name'], 'model': core_model}

        # The resource fields are passed as the auth call's data.
        granted = helpers.call_auth('resource_create',
                                    context=auth_context,
                                    title='Resource',
                                    url='http://test',
                                    format='csv')
        assert_equals(granted, True)
Example #24
    def test_delete_collaborator_admin_is_authorized(self):
        """A collaborator with capacity 'admin' may delete collaborators."""
        user = factories.User()
        dataset_id = self.dataset['id']

        # Grant the admin collaborator role first; the auth check below
        # depends on it.
        helpers.call_action('package_collaborator_create',
                            id=dataset_id,
                            user_id=user['id'],
                            capacity='admin')

        granted = helpers.call_auth('package_collaborator_delete',
                                    context=self._get_context(user),
                                    id=dataset_id)
        assert granted
Example #25
    def test_dataset_show_private_member(self):
        """A private dataset becomes readable once the user is a collaborator.

        The same user and context are checked twice: ``package_show`` is
        refused before the 'member' collaborator role exists and granted
        after it is created.
        """
        org = factories.Organization()
        dataset = factories.Dataset(private=True, owner_org=org['id'])
        user = factories.User()
        context = self._get_context(user)
        dataset_id = dataset['id']

        # Before: no relationship to the dataset, so access is denied.
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth('package_show', context=context, id=dataset_id)

        helpers.call_action('package_collaborator_create',
                            id=dataset_id,
                            user_id=user['id'],
                            capacity='member')

        # After: the collaborator role alone grants read access.
        assert helpers.call_auth('package_show', context=context,
                                 id=dataset_id)
Example #26
    def test_sysadmin_is_authorized(self):
        """A sysadmin is granted ``resource_create`` for a resource dict."""
        sysadmin = factories.Sysadmin()
        auth_context = {"user": sysadmin["name"], "model": core_model}

        # The resource fields are passed as the auth call's data.
        granted = helpers.call_auth("resource_create",
                                    context=auth_context,
                                    title="Resource",
                                    url="http://test",
                                    format="csv")
        assert granted
Example #27
    def test_not_authorized_if_user_has_no_permissions_on_dataset_3(self):
        """A user outside the owning org cannot create default resource views.

        One user is made admin of the organization; the check then runs as a
        second, unrelated user and must raise ``NotAuthorized``.
        """
        org = factories.Organization()
        org_admin = factories.User()
        helpers.call_action("organization_member_create",
                            username=org_admin["name"],
                            role="admin",
                            id=org["id"])

        outsider = factories.User()
        dataset = factories.Dataset(owner_org=org["id"])

        outsider_context = {"user": outsider["name"], "model": core_model}
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth("package_create_default_resource_views",
                              context=outsider_context,
                              package=dataset)
Example #28
    def test_resource_create_public_admin_and_editor(self, role):
        """A collaborator with capacity *role* may create resources.

        ``resource_create`` is refused for the user before the collaborator
        role exists and granted afterwards, using the same context.

        NOTE(review): *role* is presumably supplied by a parametrize
        decorator outside this snippet (admin and editor, going by the
        name) - confirm.
        """
        org = factories.Organization()
        dataset = factories.Dataset(owner_org=org['id'])
        user = factories.User()
        context = self._get_context(user)
        dataset_id = dataset['id']

        # Before: no relationship to the dataset, so creation is denied.
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth('resource_create', context=context,
                              package_id=dataset_id)

        helpers.call_action('package_collaborator_create',
                            id=dataset_id,
                            user_id=user['id'],
                            capacity=role)

        # After: the collaborator capacity grants creation.
        assert helpers.call_auth('resource_create', context=context,
                                 package_id=dataset_id)
Example #29
    def test_create_unowned_datasets(self):
        """The creator of an org-less dataset may add collaborators to it."""
        creator = factories.User()
        dataset = factories.Dataset(user=creator)

        # Preconditions: no owning organization, and the user is the creator.
        assert dataset['owner_org'] is None
        assert dataset['creator_user_id'] == creator['id']

        granted = helpers.call_auth('package_collaborator_create',
                                    context=self._get_context(creator),
                                    id=dataset['id'])
        assert granted
Example #30
    def test_user_generate_own_apikey(self):
        """A logged-in user may generate an API key for their own account."""
        fred = factories.MockUser(name="fred")
        # Mock model whose User.get() always returns fred.
        mock_model = mock.MagicMock()
        mock_model.User.get.return_value = fred

        # auth_user_obj shows user as logged in for non-anonymous auth
        # functions; 'user' and the target id both refer to fred.
        context = {
            "model": mock_model,
            "auth_user_obj": fred,
            "user": fred.name,
        }

        result = helpers.call_auth("user_generate_apikey", context=context,
                                   id=fred.id)
        assert result is True
Example #31
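    def test_package_show__deleted_dataset_is_visible_to_editor(self):
        """An org editor is authorized for ``package_show`` on a deleted dataset."""

        fred = factories.User(name='fred')
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred['capacity'] = 'editor'
        org = factories.Organization(users=[fred])
        dataset = factories.Dataset(owner_org=org['id'], state='deleted')
        # Run the check as the editor that was just created instead of a
        # literal that names no account; access to a deleted dataset must be
        # tied to that role.
        context = {'model': model, 'user': fred['name']}

        ret = helpers.call_auth('package_show', context=context,
                                id=dataset['name'])
        assert ret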
Example #32
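    def test_package_show__deleted_dataset_is_visible_to_editor(self):
        """An org editor is authorized for ``package_show`` on a deleted dataset."""

        fred = factories.User(name='fred')
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred['capacity'] = 'editor'
        org = factories.Organization(users=[fred])
        dataset = factories.Dataset(owner_org=org['id'], state='deleted')
        # Run the check as the editor that was just created instead of a
        # literal that names no account; access to a deleted dataset must be
        # tied to that role.
        context = {'model': model, 'user': fred['name']}

        ret = helpers.call_auth('package_show', context=context,
                                id=dataset['name'])
        assert ret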
Example #33
    def test_resource_view_list_private_editor(self):
        """An 'editor' collaborator may list views of a private resource.

        ``resource_view_list`` is refused for the user before the
        collaborator role exists and granted afterwards, using the same
        context.
        """
        org = factories.Organization()
        dataset = factories.Dataset(private=True, owner_org=org['id'])
        resource = factories.Resource(package_id=dataset['id'])
        user = factories.User()
        context = self._get_context(user)
        resource_id = resource['id']

        # Before: no relationship to the private dataset, so access is denied.
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth('resource_view_list', context=context,
                              id=resource_id)

        helpers.call_action('package_collaborator_create',
                            id=dataset['id'],
                            user_id=user['id'],
                            capacity='editor')

        # After: the collaborator role grants access to the resource views.
        assert helpers.call_auth('resource_view_list', context=context,
                                 id=resource_id)
Example #34
    def test_sysadmin_is_authorized(self):
        """A sysadmin is granted ``resource_create`` for a resource dict."""
        sysadmin = factories.Sysadmin()
        auth_context = {'user': sysadmin['name'], 'model': core_model}

        # The resource fields are passed as the auth call's data.
        granted = helpers.call_auth('resource_create',
                                    context=auth_context,
                                    title='Resource',
                                    url='http://test',
                                    format='csv')
        assert_equals(granted, True)
Example #35
def test_user_update_with_no_user_in_context():
    """``user_update`` is refused when the context's user is ``None``."""

    # Stand-in for a ckan.model.User object.
    mock_user = factories.MockUser(name="fred")

    # Stand-in for ckan.model: User.get(user_id) always returns mock_user.
    # Passing it through the context avoids patching ckan.model itself.
    mock_model = mock.MagicMock()
    mock_model.User.get.return_value = mock_user

    # The acting user is None, i.e. nobody is identified as the caller.
    context = {"model": mock_model, "user": None}

    with pytest.raises(logic.NotAuthorized):
        helpers.call_auth("user_update", context=context,
                          id=mock_user.id, name="updated_user_name")
Example #36
    def test_datastore_info_private_member(self):
        """A 'member' collaborator may call datastore_info on a private resource.

        ``datastore_info`` is refused for the user before the collaborator
        role exists and granted afterwards, using the same context.
        """
        org = factories.Organization()
        dataset = factories.Dataset(private=True, owner_org=org[u'id'])
        resource = factories.Resource(package_id=dataset[u'id'])
        user = factories.User()
        context = self._get_context(user)
        resource_id = resource[u'id']

        # Before: no relationship to the private dataset, so access is denied.
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth(u'datastore_info', context=context,
                              resource_id=resource_id)

        helpers.call_action(u'package_collaborator_create',
                            id=dataset[u'id'],
                            user_id=user[u'id'],
                            capacity=u'member')

        # After: the collaborator role grants access.
        assert helpers.call_auth(u'datastore_info', context=context,
                                 resource_id=resource_id)
Example #37
    def test_resource_delete_public_member(self):
        """A 'member' collaborator still cannot delete a resource.

        ``resource_delete`` must raise ``NotAuthorized`` both before and
        after the user is added as a collaborator with capacity 'member'.
        """
        org = factories.Organization()
        dataset = factories.Dataset(owner_org=org['id'])
        resource = factories.Resource(package_id=dataset['id'])
        user = factories.User()
        context = self._get_context(user)

        def assert_delete_denied():
            with pytest.raises(logic.NotAuthorized):
                helpers.call_auth('resource_delete',
                                  context=context,
                                  id=resource['id'])

        assert_delete_denied()

        helpers.call_action('package_collaborator_create',
                            id=dataset['id'],
                            user_id=user['id'],
                            capacity='member')

        # The 'member' capacity must not widen access to deletion.
        assert_delete_denied()
    def test_only_org_member_can_view_revision(self):
        """Only the org editor may read a dataset revision.

        ``read_dataset_revision`` is checked for the editor (must not raise)
        and for an unrelated user (must raise ``NotAuthorized``), once right
        after the revision is created and again after the revision has been
        moved to its next stage.
        """
        user = factories.User()
        simple_user = factories.User()
        org = factories.Organization(
            users=[{'name': user['name'], 'capacity': 'editor'}])
        self.user = user
        self.simple_user = simple_user
        self.org = org

        pkg = factories.Dataset(owner_org=org['id'])
        th.call_action('move_to_next_stage', id=pkg['id'])
        data = th.call_action('move_to_next_stage', id=pkg['id'])
        pkg.update(data)
        revision = th.call_action('create_dataset_revision',
                                  {'user': user['name']},
                                  id=pkg['id'])

        def check_revision_access():
            # A fresh context dict is built for every auth call.
            th.call_auth('read_dataset_revision',
                         {'model': model, 'user': user['name']},
                         **revision)
            nt.assert_raises(tk.NotAuthorized, th.call_auth,
                             'read_dataset_revision',
                             {'model': model, 'user': simple_user['name']},
                             **revision)

        check_revision_access()
        th.call_action('move_to_next_stage', id=revision['id'])
        check_revision_access()
Example #39
def test_ipermissionlabels_user_group_see_privates_inverted(
        create_with_upload):
    """User is not allowed to see another user's private datasets"""

    def admin_entry(user):
        # Fresh membership dict per factory call.
        return {'name': user['id'], 'capacity': 'admin'}

    def context_for(user):
        # ignore_auth is False so the auth functions are actually consulted.
        return {
            'ignore_auth': False,
            'user': user['name'],
            'model': model,
            'api_version': 3
        }

    user_a = factories.User()
    user_b = factories.User()
    owner_org = factories.Organization(users=[admin_entry(user_a)])
    owner_group = factories.Group(users=[admin_entry(user_a)])
    context_a = context_for(user_a)
    context_b = context_for(user_b)

    # user_a creates a private dataset in their own org and group.
    dataset, _ = make_dataset(context_a,
                              owner_org,
                              create_with_upload=create_with_upload,
                              activate=True,
                              groups=[{"id": owner_group["id"]}],
                              private=True)

    # user_b belongs to neither, so reading it must be refused.
    with pytest.raises(logic.NotAuthorized):
        helpers.call_auth("package_show", context_b, id=dataset["id"])
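 def test_unowned_only_creator_can_edit(self):
     """Only the creator may update a dataset that has no organization.

     fred creates the dataset and must be granted ``package_update``; bob
     exists but has no relation to it and must get ``NotAuthorized``.
     """
     fred = factories.User(name='fred')
     bob = factories.User(name='bob')
     dataset = factories.Dataset(user=fred)
     params = {'id': dataset['id']}

     # The context user is taken from the factory-created accounts rather
     # than a literal, so each check runs as a user that really exists.
     context = {'model': model, 'user': fred['name']}
     result = helpers.call_auth('package_update', context=context, **params)
     assert result is True

     # Bob should not be able to edit package. Using his real account name
     # makes the denial come from missing rights, not from an unknown user.
     context = {'model': model, 'user': bob['name']}
     nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth,
                              'package_update', context=context, **params)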
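 def test_unowned_only_managing_users_can_edit(self):
     """Creator and managing users may update an org-less dataset.

     fred creates the dataset with ``managing_users='bob,alice'``. fred, bob
     and alice must be granted ``package_update``; lisa is not listed and
     must get ``NotAuthorized``.
     """
     fred = factories.User(name='fred')
     bob = factories.User(name='bob')
     alice = factories.User(name='alice')
     lisa = factories.User(name='lisa')
     dataset = factories.Dataset(user=fred, managing_users='bob,alice')
     params = {'id': dataset['id']}

     # The creator first, then the managing users Bob and Alice. The context
     # user comes from the factory-created accounts, so every check runs as
     # a user that really exists.
     for allowed in (fred, bob, alice):
         context = {'model': model, 'user': allowed['name']}
         result = helpers.call_auth('package_update', context=context, **params)
         assert result is True

     # Lisa shouldn't be able to edit: she is neither the creator nor a
     # managing user, and her real account name makes the denial meaningful.
     context = {'model': model, 'user': lisa['name']}
     nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth,
                              'package_update', context=context, **params)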
Example #42
    def test_proposed_dataset_invisible_to_another_editor(self):
        """A 'Proposed:' dataset is hidden from an editor who did not create it.

        The dataset is created by ``user2``; ``user`` is only an editor of the
        owning organization. The dataset must be absent from ``user``'s search
        results and ``package_show`` must raise ``NotAuthorized``, so the
        search path and the direct-read path are both covered.
        """
        user = factories.User()
        user2 = factories.User()
        editor_membership = {u"name": user["id"], u"capacity": u"editor"}
        org = factories.Organization(user=user2, users=[editor_membership])
        factories.Dataset(
            name=u"d1", notes=u"Proposed:", user=user2, owner_org=org["id"]
        )

        search = get_action(u"package_search")
        found = search(
            {u"user": user["name"]}, {u"include_private": True}
        )["results"]
        names = [hit["name"] for hit in found]
        assert names == []

        show_context = {u"user": user["name"], u"model": model}
        with pytest.raises(NotAuthorized):
            call_auth(u"package_show", show_context, id=u"d1")
    def test_proposed_dataset_visible_to_creator(self):
        """A 'Proposed:' dataset is found and readable by its creator.

        Both the search results and the ``package_show`` auth check are
        verified for the user who created the dataset.
        """
        user = factories.User()
        dataset = factories.Dataset(
            name=u'd1', notes=u'Proposed:', user=user)

        search = get_action(u'package_search')
        found = search(
            {u'user': user['name']}, {u'include_private': True})['results']
        names = [hit['name'] for hit in found]
        assert_equal(names, [u'd1'])

        show_context = {u'user': user['name'], u'model': model}
        ret = call_auth(u'package_show', show_context, id=u'd1')
        assert ret
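    def test_package_show__deleted_dataset_is_visible_to_editor(self):
        """An org editor is authorized for ``package_show`` on a deleted dataset."""

        fred = factories.User(name="fred")
        # The capacity key on the user dict is what the factory reads to make
        # fred an editor of the organization.
        fred["capacity"] = "editor"
        org = factories.Organization(users=[fred])
        dataset = factories.Dataset(owner_org=org["id"], state="deleted")
        # Run the check as the editor that was just created instead of a
        # literal that names no account; access to a deleted dataset must be
        # tied to that role.
        context = {"model": model, "user": fred["name"]}

        ret = helpers.call_auth("package_show",
                                context=context,
                                id=dataset["name"])
        assert ret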
Example #45
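    def test_owned_dataset_company_users_with_admin_should_edit(self):
        """Org admins may update an org-owned dataset; a non-member may not.

        fred and bob are added to the organization as admins; alice is created
        but never added. ``package_update`` must be granted to fred and bob and
        must raise ``NotAuthorized`` for alice.
        """
        org = factories.Organization()
        fred = factories.User(name='fred')
        bob = factories.User(name='bob')
        alice = factories.User(name='alice')

        for admin in (fred, bob):
            helpers.call_action('organization_member_create',
                                username=admin['name'],
                                role='admin',
                                id=org['id'])

        dataset = factories.Dataset(user=fred,
                                    owner_org=org['name'],
                                    managing_users="bob")
        params = {
            'id': dataset['id'],
        }

        # The context user is taken from the factory-created accounts rather
        # than a literal, so every check runs as a user that really exists.
        for allowed in (fred, bob):
            context = {'model': model, 'user': allowed['name']}
            result = helpers.call_auth('package_update', context=context, **params)
            assert result is True

        # Alice is not in the organization. Using her real account name makes
        # the denial come from missing membership, not from an unknown user.
        context = {'model': model, 'user': alice['name']}
        nose.tools.assert_raises(logic.NotAuthorized,
                                 helpers.call_auth,
                                 'package_update',
                                 context=context,
                                 **params)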
Example #46
    def test_authorized_if_user_has_permissions_on_dataset_2(self):
        """The dataset's creator may create its default resource views."""
        creator = factories.User()
        dataset = factories.Dataset(user=creator)

        auth_context = {"user": creator["name"], "model": core_model}
        granted = helpers.call_auth("package_create_default_resource_views",
                                    context=auth_context,
                                    package=dataset)
        assert granted
def test_org_admin_bulk_update_delete_forbidden(create_with_upload):
    """do not allow bulk_update_delete"""

    def creation_context():
        # Fresh dict per make_dataset call; auth is not bypassed.
        return {
            'ignore_auth': False,
            'user': user['name'],
            'api_version': 3
        }

    user = factories.User()
    owner_org = factories.Organization(
        users=[{'name': user['id'], 'capacity': 'admin'}])

    # Two active datasets owned by the organization.
    ds1, _ = make_dataset(creation_context(),
                          owner_org,
                          create_with_upload=create_with_upload,
                          activate=True)
    ds2, _ = make_dataset(creation_context(),
                          owner_org,
                          create_with_upload=create_with_upload,
                          activate=True)

    # Even the org admin must be refused bulk_update_delete.
    test_context = {
        'ignore_auth': False,
        'user': user['name'],
        'model': model,
        'api_version': 3
    }
    with pytest.raises(logic.NotAuthorized):
        helpers.call_auth("bulk_update_delete",
                          test_context,
                          datasets=[ds1, ds2],
                          org_id=owner_org["id"])
Example #48
    def test_proposed_dataset_visible_to_creator(self):
        """A 'Proposed:' dataset is found and readable by its creator.

        Both the search results and the ``package_show`` auth check are
        verified for the user who created the dataset.
        """
        user = factories.User()
        factories.Dataset(name=u"d1", notes=u"Proposed:", user=user)

        search = get_action(u"package_search")
        found = search(
            {u"user": user["name"]}, {u"include_private": True}
        )["results"]
        names = [hit["name"] for hit in found]
        assert names == [u"d1"]

        show_context = {u"user": user["name"], u"model": model}
        ret = call_auth(u"package_show", show_context, id=u"d1")
        assert ret
Example #49
    def test_not_authorized_if_user_has_no_permissions_on_dataset_4(self):
        """A user outside the owning org cannot add a resource to its dataset.

        One user is made admin of the organization and creates the dataset;
        ``resource_create`` then runs as a second, unrelated user and must
        raise ``NotAuthorized``.
        """
        org = factories.Organization()
        org_admin = factories.User()
        helpers.call_action("organization_member_create",
                            username=org_admin["name"],
                            role="admin",
                            id=org["id"])

        outsider = factories.User()
        dataset = factories.Dataset(user=org_admin, owner_org=org["id"])

        outsider_context = {"user": outsider["name"], "model": core_model}
        with pytest.raises(logic.NotAuthorized):
            helpers.call_auth("resource_create",
                              context=outsider_context,
                              package_id=dataset["id"],
                              title="Resource",
                              url="http://test",
                              format="csv")
def test_user_generate_own_apikey():
    """A logged-in user may generate an API key for their own account."""
    fred = factories.MockUser(name="fred")
    # Mock model whose User.get() always returns fred.
    mock_model = mock.MagicMock()
    mock_model.User.get.return_value = fred

    # auth_user_obj shows user as logged in for non-anonymous auth
    # functions; 'user' and the target id both refer to fred.
    context = {
        "model": mock_model,
        "auth_user_obj": fred,
        "user": fred.name,
    }

    result = helpers.call_auth("user_generate_apikey", context=context,
                               id=fred.id)
    assert result is True
    def test_show_anon_public_dataset(self, app):
        """``resource_validation_show`` is granted on a public dataset.

        NOTE(review): the name says "anon", but the context carries the name
        of a factory-created user, so the anonymous path is not what is
        exercised here - confirm the intended caller.
        """
        user = factories.User()
        org = factories.Organization()
        dataset = factories.Dataset(owner_org=org['id'],
                                    resources=[factories.Resource()],
                                    private=False)

        auth_context = {'user': user['name'], 'model': model}
        first_resource_id = dataset['resources'][0]['id']

        granted = call_auth('resource_validation_show',
                            context=auth_context,
                            resource_id=first_resource_id)
        assert_equals(granted, True)
Example #52
def test_user_update_visitor_cannot_update_user():
    """Visitors should not be able to update users' accounts."""
    # Fred is a mock standing in for a ckan.model.User object.
    fred = factories.MockUser(name="fred")

    # Mock ckan.model whose model.User.get(user_id) returns Fred. Handing it
    # over through the context is easier than patching the ckan.model import.
    model_stub = mock.MagicMock()
    model_stub.User.get.return_value = fred

    # Nobody is logged in: no auth_user_obj is set.
    # NOTE(review): the "user" value looks masked in this listing; the test
    # relies on it standing for a visitor — confirm against the original.
    context = {"model": model_stub, "user": "******"}

    # The visitor tries to rename Fred's account and must be refused.
    with pytest.raises(logic.NotAuthorized):
        helpers.call_auth(
            "user_update",
            context=context,
            id=fred.id,
            name="updated_user_name",
        )
Example #53
    def test_authorized_if_user_has_permissions_on_dataset(self):
        """``resource_create`` is allowed for the user the dataset was created with."""
        owner = factories.User()
        dataset = factories.Dataset(user=owner)

        # The caller is the same user that was passed to the Dataset factory.
        context = {'user': owner['name'], 'model': core_model}
        resource = dict(
            package_id=dataset['id'],
            title='Resource',
            url='http://test',
            format='csv',
        )

        response = helpers.call_auth(
            'resource_create', context=context, **resource
        )
        assert_equals(response, True)
Example #54
    def test_authorized_if_user_has_permissions_on_dataset_3(self):
        """Default resource views may be created by the dataset's own user.

        The dataset and its resource are both created with the same user, and
        that user is the caller of ``resource_create_default_resource_views``.
        """
        owner = factories.User()
        dataset = factories.Dataset(user=owner)
        resource = factories.Resource(user=owner, package_id=dataset["id"])

        context = dict(user=owner["name"], model=model)
        granted = helpers.call_auth(
            "resource_create_default_resource_views",
            context=context,
            resource=resource,
        )

        # Only truthiness is checked, not identity with True.
        assert granted
Example #55
    def test_user_generate_own_apikey(self):
        """A logged-in user may call ``user_generate_apikey`` with their own id."""
        fred = factories.MockUser(name='fred')

        # Mocked model: every model.User.get() lookup hands back fred.
        model_stub = mock.MagicMock()
        model_stub.User.get.return_value = fred

        # auth_user_obj shows the user as logged in, which auth functions
        # that refuse anonymous callers look for.
        context = {
            'model': model_stub,
            'auth_user_obj': fred,
            'user': fred.name,
        }

        outcome = helpers.call_auth(
            'user_generate_apikey', context=context, id=fred.id
        )
        assert outcome is True
Example #56
    def test_user_invite_delegates_correctly_to_group_member_create(self, gmc):
        """``user_invite`` authorization follows whatever ``gmc`` reports.

        ``gmc`` is a mock passed in by the test harness — presumably a patch
        of the group_member_create auth function; the patching decorator is
        not part of this snippet.
        """
        inviter = factories.User()
        context = dict(user=inviter['name'], model=None, auth_user_obj=inviter)
        data_dict = {'group_id': 42}

        # Delegate denies -> user_invite must raise NotAuthorized.
        gmc.return_value = {'success': False}
        nose.tools.assert_raises(
            logic.NotAuthorized,
            helpers.call_auth,
            'user_invite',
            context=context,
            **data_dict
        )

        # Delegate allows -> user_invite is authorized.
        gmc.return_value = {'success': True}
        outcome = helpers.call_auth(
            'user_invite', context=context, **data_dict
        )
        assert outcome is True
    def test_proposed_dataset_visible_to_org_admin(self):
        """A dataset with 'Proposed:' notes is found and showable by the org's user.

        The dataset is created by an editor of the organization; the search
        and the ``package_show`` auth check run as the user the organization
        was created with (presumably its admin — confirm in the factory).
        """
        editor = factories.User()
        org_user = factories.User()
        org = factories.Organization(
            user=org_user,
            users=[{u'name': editor['id'], u'capacity': u'editor'}],
        )
        dataset = factories.Dataset(
            name=u'd1',
            notes=u'Proposed:',
            user=editor,
            owner_org=org['id'],
        )

        # Listing: the dataset must appear when private datasets are included.
        search = get_action(u'package_search')
        found = search(
            {u'user': org_user[u'name']}, {u'include_private': True}
        )
        names = [hit['name'] for hit in found['results']]
        assert_equal(names, [u'd1'])

        # Direct access: the auth function must agree with the listing.
        auth_context = {u'user': org_user['name'], u'model': model}
        ret = call_auth(u'package_show', auth_context, id=u'd1')
        assert ret
Example #58
    def test_authorized_if_user_has_permissions_on_dataset(self):
        """``resource_view_create`` is allowed for the dataset's own user.

        Dataset and resource are both created with the same user, who then
        asks to create an image view on that resource.
        """
        owner = factories.User()
        dataset = factories.Dataset(user=owner)
        resource = factories.Resource(user=owner, package_id=dataset['id'])

        context = {'user': owner['name'], 'model': core_model}
        resource_view = dict(
            resource_id=resource['id'],
            title=u'Resource View',
            view_type=u'image_view',
            image_url='url',
        )

        response = helpers.call_auth(
            'resource_view_create', context=context, **resource_view
        )
        assert_equals(response, True)
Example #59
    def test_org_user_can_delete(self):
        """An organization editor may call ``resource_view_delete``.

        The user is added to the organization with the 'editor' capacity and
        the view belongs to a resource of a dataset owned by that organization.
        """
        editor = factories.User()
        org = factories.Organization(
            users=[{'name': editor['name'], 'capacity': 'editor'}]
        )
        dataset = factories.Dataset(
            owner_org=org['id'],
            resources=[factories.Resource()],
            user=editor,
        )

        first_resource_id = dataset['resources'][0]['id']
        resource_view = factories.ResourceView(resource_id=first_resource_id)

        context = dict(user=editor['name'], model=model)
        response = helpers.call_auth(
            'resource_view_delete',
            context=context,
            id=resource_view['id'],
        )

        assert_equals(response, True)