def create(self):
"""
Create a new badge in the system
"""
# Check if user is allowed to create a badge
require.badge.create()
import shutil
label = request.params['badge-label']
description = request.params['badge-description']
image = request.POST['badge-image']
try:
# Get upload directory for Badge and generate a random filename
upload_dir = h.get_object_upload_dir(Badge)
random_filename = h.get_uuid_filename(image.filename)
# Open the filename and copy the uploaded image
permanent_filename = os.path.join(upload_dir, random_filename)
permanent_image = open(permanent_filename, 'w')
shutil.copyfileobj(image.file, permanent_image)
upload_image_path = h.upload(random_filename, Badge)
# Close image files
image.file.close()
permanent_image.close()
except OSError:
upload_image_path = ''
h.flash_error(_('Uploading files not supported at the moment.'))
badge = Badge(label, upload_image_path, description, c.account)
db.session.add(badge)
db.session.commit()
redirect(h.url_for(controller='badge', action='information',
id=badge.id))
def test_give_badge(self):
"""
Test giving dataset a badge. Only administrators should be able to
give datasets a badge.
"""
badge = Badge('give-me', 'testimage', 'give me', self.admin)
db.session.add(badge)
db.session.commit()
# Check if non-user can award badges
response = self.app.post(url(controller='badge',
action='give',
dataset='cra'),
params={'badge': badge.id},
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
# This should actually return 401 Unauthorized but that's an
# authentication implementation failure (which should be fixed)
assert '403' in response.status, \
"Non-user should get an error when trying to give a badge"
# Check to see that badge hasn't been awarded to any datasets
badge_json = self.app.get(
url(controller='badge',
action='information',
id=badge.id,
format='json'))
badge_info = json.loads(badge_json.body)
assert len(badge_info['badge']['datasets']) == 0, \
"A non-user was able to award a badge"
# Check if normal user can award badges
response = self.app.post(url(controller='badge',
action='give',
dataset='cra'),
params={'badge': badge.id},
extra_environ={'REMOTE_USER': '******'},
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
assert '403' in response.status, \
"A normal user should get an error when trying to give a badge"
# Check to see that badge hasn't been awarded to any datasets
badge_json = self.app.get(
url(controller='badge',
action='information',
id=badge.id,
format='json'))
badge_info = json.loads(badge_json.body)
assert len(badge_info['badge']['datasets']) == 0, \
"A normal user was able to award a badge"
# Finally we check if admin user can award badges
response = self.app.post(url(controller='badge',
action='give',
dataset='cra'),
params={'badge': 'not an id'},
extra_environ={'REMOTE_USER': '******'},
expect_errors=True)
# Check to see that badge hasn't been awarded to the dataset
badge_json = self.app.get(
url(controller='badge',
action='information',
id=badge.id,
format='json'))
badge_info = json.loads(badge_json.body)
# Check if admin was able to give the badge to a dataset
assert len(badge_info['badge']['datasets']) == 0, \
"Admin user was able to award a badge"
# Finally we check if admin user can award badges
response = self.app.post(url(controller='badge',
action='give',
dataset='cra'),
params={'badge': badge.id},
extra_environ={'REMOTE_USER': '******'})
# Check to see that badge has been awarded to the dataset
badge_json = self.app.get(
url(controller='badge',
action='information',
id=badge.id,
format='json'))
badge_info = json.loads(badge_json.body)
# Check if admin was able to give the badge to a dataset
assert len(badge_info['badge']['datasets']) == 1, \
"Admin user wasn't able to award a badge"
# Check if admin gave it to the write dataset
assert self.dataset.name in badge_info['badge']['datasets'], \
"Admin user gave the badge to the incorrect dataset"
