def test_imports_mappings_imputation_not_allowed(self, app, group):
url = '/imports/mappings/direct'
environ = make_environ(userid=USERID, groups=[group])
response = app.get(url, extra_environ=environ, expect_errors=True)
assert response.status_code == 403
def test_iform_upload(self, app, group, datadir):
url = '/imports/codebooks/iform/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'study': u'DRSC'
}
# from pytest import set_trace; set_trace()
iform = datadir.join('iform_input_fixture.json').open()
json_data = iform.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.json', json_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
iform.close()
assert response.status_code == 200
def test_iform_upload_not_allowed(self, app, group):
from pkg_resources import resource_filename
url = '/imports/codebooks/iform/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'study': u'DRSC'
}
iform = open(resource_filename(
'tests.fixtures', 'iform_input_fixture.json'), 'r')
json_data = iform.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.json', json_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
iform.close()
assert response.status_code == 403
def test_cytoscape_demo_allowed(self, app, group):
url = '/imports/demos/cytoscapejs'
environ = make_environ(userid=USERID, groups=[group])
response = app.get(url, extra_environ=environ)
assert response.status_code == 200
def test_occams_upload_validate(self, app, group):
from pkg_resources import resource_filename
url = '/imports/codebooks/occams/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'delimiter': u'comma',
'study': u'DRSC'
}
codebook = open(
resource_filename('tests.fixtures', 'codebook.csv'), 'rb')
csv_data = codebook.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', csv_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
codebook.close()
assert response.status_code == 200
assert u'ClinicalAssessment595vitd' in response.body
assert u'Codebook Import Status' in response.body
assert u'2014-10-23' in response.body
assert u'Fields evaluated' in response.body
def test_imports_iform(self, app, group):
url = '/imports/codebooks/iform'
environ = make_environ(userid=USERID, groups=[group])
response = app.get(url, extra_environ=environ)
assert response.status_code == 200
def test_not_allowed_move_field_unpublished(self, app, db_session, group):
from occams_datastore import models as datastore
url = '/forms/test_schema2/versions/{}/fields/text_box2?move'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema2').scalar()
data = {
'index': 0
}
res = app.put_json(
url.format(form_id),
status='*',
extra_environ=environ,
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_edit_field_unpublished(self, app, db_session, group):
from occams_datastore import models as datastore
url = '/forms/test_schema2/versions/{}/fields/test_field2'
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema2').scalar()
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'name': 'test_field_add',
'type': 'string',
'title': 'updated title'
}
res = app.put_json(
url.format(form_id),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data
)
assert 200 == res.status_code
def test_not_allowed(self, app, db_session, group):
from occams_datastore import models as datastore
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
schema = db_session.query(datastore.Schema).filter(
datastore.Schema.name == u'test_schema').one()
schema_id = schema.id
data = {
'collect_date': '2015-01-01',
'schema': schema_id
}
res = app.post_json(
self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
site = db_session.query(studies.Site).filter(
studies.Site.name == u'UCSD').one()
site_id = site.id
data = {
'site': site_id,
'references': []
}
res = app.post_json(
self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
patient = db_session.query(studies.Patient).filter(
studies.Patient.pid == u'123').one()
data = {
'initials': patient.initials,
'nurse': patient.nurse,
'site_id': patient.site_id,
'pid': patient.pid,
'site': patient.site_id
}
res = app.put_json(
self.url.format('123'),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
visit_date = db_session.query(studies.Visit.visit_date).filter(
studies.Patient.pid == u'123').scalar()
cycle_id = db_session.query(studies.Cycle.id).filter(
studies.Cycle.name == u'TestCycle').scalar()
data = {
'cycles': [cycle_id],
'visit_date': '2015-01-02'
}
res = app.put_json(
self.url.format(visit_date),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
cycle_id = db_session.query(studies.Cycle.id).filter(
studies.Cycle.name == u'TestCycle').scalar()
data = {
'cycles': [cycle_id],
'visit_date': '2015-01-01',
'include_forms': False,
'include_speciman': False
}
res = app.post_json(
self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 200 == res.status_code
def test_occams_upload_not_allowed(self, app, group, datadir):
url = '/imports/codebooks/occams/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'delimiter': u'comma',
'study': u'DRSC'
}
codebook = datadir.join('codebook.csv').open()
csv_data = codebook.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', csv_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
codebook.close()
assert response.status_code == 403
def test_not_allowed_forms_versions_post_draft(
self, app, db_session, group):
url = '/forms/test_schema/versions/2015-01-01?draft'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'__url__': url,
'name': 'test_schema',
'title': 'test_title',
'fields': [],
'hasFields': False,
'isNew': False,
'publish_date': '2015-01-01'
}
res = app.post(
url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
xhr=True,
params=data)
assert 403 == res.status_code
def test_qds_upload_codebook(self, app, group, datadir):
url = '/imports/codebooks/qds/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'delimiter': u'comma',
'study': u'DRSC'
}
qds = datadir.join('qds_input_fixture.csv').open()
qds_data = qds.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', qds_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
qds.close()
assert response.status_code == 200
def test_not_allowed_forms_versions_edit_unpublished(
self, app, db_session, group):
from occams_datastore import models as datastore
url = '/forms/test_schema2/versions/{}'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema2').scalar()
data = {
'__url__': url,
'name': 'test_schema',
'title': 'test_title',
'fields': [],
'hasFields': False,
'isNew': False,
'publish_date': '2015-01-01'
}
res = app.put_json(
url.format(form_id),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_iform_upload_validate(self, app, group):
from pkg_resources import resource_filename
url = '/imports/codebooks/iform/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'study': u'DRSC'
}
iform = open(
resource_filename(
'tests.fixtures', 'iform_input_fixture.json'), 'r')
json_data = iform.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.json', json_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
iform.close()
assert u'test_595_hiv_test_v04' in response.body
assert u'Codebook Import Status' in response.body
assert u'2013-10-21' in response.body
assert u'Fields evaluated' in response.body
def test_forms_versions_xhr(self, app, db_session, group):
# test same url with xhr
url = '/forms/test_schema/versions/2015-01-01'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ, xhr=True)
assert 200 == res.status_code
def test_not_owner(self, app, db_session):
import transaction
from occams_datastore import models as datastore
with transaction.manager:
db_session.add(datastore.User(key='somebody_else'))
environ = make_environ(userid='somebody_else')
app.get(self.url, extra_environ=environ, status=403)
def test_not_allowed_forms_add(self, app, db_session, group):
url = '/forms/'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'name': 'test_form',
'title': 'test_form',
'versions': [],
'isNew': True,
'hasVersions': False
}
res = app.post_json(
url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_imports_qds_not_allowed(self, app, group):
url = '/imports/codebooks/qds'
environ = make_environ(userid=USERID, groups=[group])
response = app.get(url, extra_environ=environ, expect_errors=True)
assert response.status_code == 403
def test_not_allowed_forms_upload_json(self, app, db_session, group):
import json
url = '/forms/?files'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'title': 'OMG',
'storage': 'eav',
'publish_date': '2015-05-26',
"name": 'omg'
}
res = app.post(
url,
extra_environ=environ,
status='*',
upload_files=[('files', 'upload.json', json.dumps(data))],
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
xhr=True)
assert 403 == res.status_code
def test_qds_upload_codebook_not_allowed(self, app, group):
from pkg_resources import resource_filename
url = '/imports/codebooks/qds/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'mode': u'dry',
'delimiter': u'comma',
'study': u'DRSC'
}
qds = open(
resource_filename('tests.fixtures', 'qds_input_fixture.csv'), 'rb')
qds_data = qds.read()
response = app.post(
url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', qds_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
qds.close()
assert response.status_code == 403
def test_not_allowed_specimen_add(app, db_session, group):
from occams_studies import models as studies
from occams_lims import models as lims
url = '/lims/test_location/add'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
cycle_id = db_session.query(studies.Cycle.id).filter(
studies.Cycle.name == u'test_cycle').scalar()
specimen_id = db_session.query(lims.SpecimenType.id).filter(
lims.SpecimenType.name == u'test_specimen').scalar()
data = {
'pid': u'123',
'cycle_id': cycle_id,
'specimen_type_id': specimen_id
}
res = app.post_json(
url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert res.status_code == 403
def test_imports_mappings_imputation(self, app, group):
url = '/imports/mappings/direct'
environ = make_environ(userid=USERID, groups=[group])
response = app.get(url, extra_environ=environ)
assert response.status_code == 200
def test_add_field(self, app, db_session, group):
url = '/forms/test_schema/versions/2015-01-01/fields'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {
'choiceInputType': 'radio',
'choices': [],
'name': 'test_field_add',
'title': 'test_title_add',
'description': 'test_desc_add',
'type': 'string',
'is_required': False,
'isNew': True,
'isSection': False,
'fields': [],
'isLimitAllowed': True,
'hasFields': False,
'index': 0
}
res = app.post_json(
url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data
)
assert 200 == res.status_code
def test_not_allowed(self, app, db_session, group):
environ = make_environ(groups=[group])
app.get(
self.url,
{'file': 'pid'},
extra_environ=environ,
xhr=True,
status=403)
def test_not_allowed(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
res = app.post(
self.url,
extra_environ=environ,
xhr=True,
status='*')
assert 403 == res.status_code
def test_manage_external_services(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
res = app.get(
self.url,
extra_environ=environ,
params={})
assert 200 == res.status_code
def test_allowed(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
res = app.get(self.url,
extra_environ=environ,
status='*',
xhr=True,
params={})
assert 200 == res.status_code
def test_allowed(self, app, db_session, group):
from occams_datastore import models as datastore
environ = make_environ(userid=USERID, groups=[group])
entity_id = db_session.query(datastore.Entity.id).filter(
datastore.Entity.schema.has(name=u'test_schema')).scalar()
res = app.post(self.url.format(entity_id),
extra_environ=environ,
params={'id_1': entity_id})
assert 200 == res.status_code
def test_not_owner(self, app, db_session):
import transaction
from occams_datastore import models as datastore
with transaction.manager:
db_session.add(datastore.User(key='somebody_else'))
environ = make_environ(userid='somebody_else')
csrf_token = get_csrf_token(app, environ)
app.delete(self.url,
extra_environ=environ,
headers={'X-CSRF-Token': csrf_token},
xhr=True,
status=403)
def test_not_allowed_aliquot_labels_post(app, group):
url = '/lims/test_location/aliquot_labels'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
res = app.post(url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
})
assert res.status_code == 403
def test_allowed(self, app, db_session, group):
from occams_datastore import models as datastore
environ = make_environ(userid=USERID, groups=[group])
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema').scalar()
entity_id = db_session.query(datastore.Entity.id).filter(
datastore.Entity.schema_id == form_id).scalar()
res = app.get(self.url.format(entity_id), extra_environ=environ)
assert 200 == res.status_code
def test_not_allowed(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
res = app.delete_json(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params={})
assert 403 == res.status_code
def test_allowed(self, app, group):
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
res = app.get(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
xhr=True,
params={})
assert 200 == res.status_code
def test_allowed(self, app, group):
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'name': 'TestDelete', 'title': 'TestDelete', 'week': 4}
res = app.put_json(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 200 == res.status_code
def test_allowed(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
res = app.get(self.url, extra_environ=environ, xhr=True)
data = res.json
csrf_token = get_csrf_token(app, environ)
res = app.delete_json(
self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token
},
params=data)
assert 200 == res.status_code
def test_not_allowed(self, app, group):
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'title': 'test_study Week 1', 'week': '1'}
res = app.post_json(self.url.format('test_study'),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_get_all_schemas_not_allowed(self, app, group):
url = '/imports/schemas'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
response = app.get(url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params={})
assert response.status_code == 403
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
enrollment_id = db_session.query(studies.Enrollment.id).filter(
studies.Study.name == u'test_study').scalar()
data = {'id_1': enrollment_id}
res = app.get(self.url.format(enrollment_id),
extra_environ=environ,
status='*',
xhr=True,
params=data)
assert 403 == res.status_code
def test_allowed(self, app, db_session, group):
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'name': u'test',
'title': u'test_title',
'short_title': u'test2',
'code': u'test3',
'consent_date': '2015-01-01'}
res = app.post_json(
self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token
},
params=data)
assert 200 == res.status_code
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
enrollment_id = db_session.query(studies.Enrollment.id).filter(
studies.Study.name == u'test_study').scalar()
res = app.delete_json(self.url.format(enrollment_id),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params={})
assert 403 == res.status_code
def test_mappings_delete_not_allowed(self, app, group):
url = '/imports/mappings/delete'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mapped_delete': []}
response = app.delete_json(url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH':
str('XMLHttpRequest')
},
params=data)
assert response.status_code == 403
def test_occams_codebook_insert(self, app, db_session, group):
import datetime
from pkg_resources import resource_filename
from occams_datastore import models as datastore
url = '/imports/codebooks/occams/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mode': None, 'study': u'DRSC', 'delimiter': u'comma'}
codebook = open(resource_filename('tests.fixtures', 'codebook.csv'),
'rb')
csv_data = codebook.read()
app.post(url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', csv_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
codebook.close()
form = db_session.query(datastore.Schema).one()
attributes = db_session.query(datastore.Attribute).filter(
datastore.Schema.id == form.id).order_by(
datastore.Attribute.name).all()
assert form.name == u'ClinicalAssessment595vitd'
assert form.title == u'595 Vitamin D - Clinical Assessment'
assert form.publish_date == datetime.date(2014, 10, 23)
assert attributes[0].name == u'cont'
assert attributes[2].name == u'frac'
expected_title = u'Has the subject had any fractures since the visit?'
assert attributes[2].title == expected_title
assert attributes[2].choices['0'].title == u'No'
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
visit_date = db_session.query(studies.Visit.visit_date).filter(
studies.Patient.pid == u'123').scalar()
res = app.delete(self.url.format(visit_date),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
xhr=True,
params={})
assert 403 == res.status_code
def test_qds_insert(self, app, db_session, group):
import datetime
from pkg_resources import resource_filename
from occams_datastore import models as datastore
url = '/imports/codebooks/qds/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mode': None, 'study': u'DRSC', 'delimiter': u'comma'}
qds = open(
resource_filename('tests.fixtures', 'qds_input_fixture.csv'), 'rb')
qds_data = qds.read()
app.post(url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', qds_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
qds.close()
form = db_session.query(datastore.Schema).one()
attributes = db_session.query(datastore.Attribute).filter(
datastore.Schema.id == form.id).order_by(
datastore.Attribute.name).all()
assert form.name == u'Test_Schema_Title'
assert form.title == u'Test Schema Title'
assert form.publish_date == datetime.date(2015, 8, 11)
assert attributes[0].name == u'BIRTHSEX'
assert attributes[1].name == u'GENDER'
assert attributes[2].name == u'TODAY'
assert attributes[0].type == u'choice'
assert attributes[1].type == u'choice'
assert attributes[2].type == u'string'
def test_not_allowed(self, app, db_session, group):
from occams_datastore import models as datastore
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema').scalar()
data = {'schema': form_id, 'collect_date': '2015-01-01'}
res = app.post_json(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_allowed(self, app, db_session, group):
from occams_datastore import models as datastore
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
form_id = db_session.query(datastore.Schema.id).filter(
datastore.Schema.name == u'test_schema').scalar()
entity_id = db_session.query(datastore.Entity.id).filter(
datastore.Entity.schema_id == form_id).scalar()
res = app.delete_json(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params={'forms': [entity_id]})
assert 200 == res.status_code
def test_iform_insert(self, app, db_session, group):
import datetime
from pkg_resources import resource_filename
from occams_datastore import models as datastore
url = '/imports/codebooks/iform/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mode': None, 'study': u'DRSC'}
iform = open(
resource_filename('tests.fixtures', 'iform_input_fixture.json'),
'r')
json_data = iform.read()
app.post(url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.json', json_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
iform.close()
form = db_session.query(datastore.Schema).one()
attributes = db_session.query(datastore.Attribute).filter(
datastore.Schema.id == form.id).order_by(
datastore.Attribute.name).all()
assert form.name == u'test_595_hiv_test_v04'
assert form.title == u'test_595_hiv_test_v04'
assert form.publish_date == datetime.date(2013, 10, 21)
assert attributes[0].choices['2'].name == u'2'
assert attributes[0].choices['2'].title == u'Dont know'
assert attributes[0].choices['2'].order == 2
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
site = db_session.query(
studies.Site).filter(studies.Site.name == u'UCSD').one()
site_id = site.id
data = {'site': site_id, 'references': []}
res = app.post_json(self.url,
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_occams_upload(self, app, group, datadir):
url = '/imports/codebooks/occams/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mode': u'dry', 'delimiter': u'comma', 'study': u'DRSC'}
codebook = datadir.join('codebook.csv').open()
csv_data = codebook.read()
response = app.post(url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', csv_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
codebook.close()
assert response.status_code == 200
def test_qds_upload_codebook_not_allowed(self, app, group, datadir):
url = '/imports/codebooks/qds/status'
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
data = {'mode': u'dry', 'delimiter': u'comma', 'study': u'DRSC'}
qds = datadir.join('qds_input_fixture.csv').open()
qds_data = qds.read()
response = app.post(url,
extra_environ=environ,
expect_errors=True,
upload_files=[('codebook', 'test.csv', qds_data)],
headers={
'X-CSRF-Token': csrf_token,
},
params=data)
qds.close()
assert response.status_code == 403
def test_not_allowed(self, app, db_session, group):
from occams_studies import models as studies
environ = make_environ(userid=USERID, groups=[group])
csrf_token = get_csrf_token(app, environ)
visit_date = db_session.query(studies.Visit.visit_date).filter(
studies.Patient.pid == u'123').scalar()
cycle_id = db_session.query(studies.Cycle.id).filter(
studies.Cycle.name == u'TestCycle').scalar()
data = {'cycles': [cycle_id], 'visit_date': '2015-01-02'}
res = app.put_json(self.url.format(visit_date),
extra_environ=environ,
status='*',
headers={
'X-CSRF-Token': csrf_token,
'X-REQUESTED-WITH': str('XMLHttpRequest')
},
params=data)
assert 403 == res.status_code
def test_not_allowed_settings(app, group):
url = '/lims/settings'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ, status='*')
assert res.status_code == 403
def test_lims_view_list(app, group):
url = '/lims/'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ)
assert res.status_code == 200
def test_not_allowed_lab_checkout_update(app, group):
url = '/lims/test_location/bulkupdate'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ, status='*')
assert res.status_code == 403
def test_not_allowed_lims_lab_view(app, group):
url = '/lims/test_location'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ, status='*')
assert res.status_code == 403
def test_lab_checkin(app, group):
url = '/lims/test_location/checkin'
environ = make_environ(userid=USERID, groups=[group])
res = app.get(url, extra_environ=environ, status='*')
assert res.status_code == 200
