def test_password_change_clears_sessions(self):
SessionFactory(user=self.user)
SessionFactory(user=self.user)
SessionFactory(user=self.user)
assert Session.find().count() == 3
self.user.set_password('killerqueen')
assert Session.find().count() == 0
def test_password_change_clears_sessions(self):
SessionFactory(user=self.user)
SessionFactory(user=self.user)
SessionFactory(user=self.user)
assert Session.find().count() == 3
self.user.set_password('killerqueen')
assert Session.find().count() == 0
def test_remove(self):
session, session2 = Session(data={'auth_user_id': '123ab'}), Session(data={'auth_user_id': 'ab123'})
session.save()
session2.save()
assert Session.objects.count() == 2 # sanity check
Session.remove(Q('data.auth_user_id', 'eq', '123ab'))
assert Session.objects.count() == 1
def test_remove(self):
session, session2 = Session(data={'auth_user_id': '123ab'}), Session(data={'auth_user_id': 'ab123'})
session.save()
session2.save()
assert Session.objects.count() == 2 # sanity check
Session.objects.filter(data__auth_user_id='123ab').delete()
assert Session.objects.count() == 1
def remove_session(session):
"""
Remove a session from database
:param session: Session
:return:
"""
from osf.models import Session
Session.remove_one(session)
def test_remove(self):
session, session2 = Session(data={'auth_user_id': '123ab'}), Session(
data={'auth_user_id': 'ab123'})
session.save()
session2.save()
assert Session.objects.count() == 2 # sanity check
Session.objects.filter(data__auth_user_id='123ab').delete()
assert Session.objects.count() == 1
def test_cookie_has_admin(self):
session = Session(data={'auth_user_id': self.user._id})
session.save()
cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(session._id)
self.app.set_cookie(settings.COOKIE_NAME, str(cookie))
res = self.app.get(self.url)
assert_equal(res.status_code, 200)
assert_equal(res.json['meta']['admin'], True)
def setUp(self):
super(TestSloanMetrics, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.preprint = PreprintFactory(creator=self.user, is_public=True)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id).decode()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def test_cookie_has_admin(self):
session = Session(data={'auth_user_id': self.user._id})
session.save()
cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(session._id)
self.app.set_cookie(settings.COOKIE_NAME, str(cookie))
res = self.app.get(self.url)
assert_equal(res.status_code, 200)
assert_equal(res.json['meta']['admin'], True)
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def remove_sessions_for_user(user):
"""
Permanently remove all stored sessions for the user from the DB.
:param user: User
:return:
"""
from osf.models import Session
Session.remove(Q('data.auth_user_id', 'eq', user._id))
def test_log_logged_in(self, mock_capture):
user = UserFactory()
session_record = Session()
session_record.data['auth_user_id'] = user._id
set_session(session_record)
sentry.log_exception()
mock_capture.assert_called_with(extra={
'session': {
'auth_user_id': user._id,
},
}, )
def test_log_logged_in(self, mock_capture):
user = UserFactory()
session_record = Session()
session_record.data['auth_user_id'] = user._id
set_session(session_record)
sentry.log_exception()
mock_capture.assert_called_with(
extra={
'session': {
'auth_user_id': user._id,
},
},
)
def test_cookied_requests_can_create_and_email(self, mock_mail, app, user,
email_unconfirmed, data,
url_base):
session = Session(data={'auth_user_id': user._id})
session.save()
cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(session._id)
app.set_cookie(settings.COOKIE_NAME, str(cookie))
assert OSFUser.objects.filter(username=email_unconfirmed).count() == 0
res = app.post_json_api('{}?send_email=true'.format(url_base), data)
assert res.status_code == 201
assert OSFUser.objects.filter(username=email_unconfirmed).count() == 1
assert mock_mail.call_count == 1
def test_cookied_requests_can_create_and_email(self, mock_mail):
session = Session(data={'auth_user_id': self.user._id})
session.save()
cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(session._id)
self.app.set_cookie(settings.COOKIE_NAME, str(cookie))
assert_equal(User.find(Q('username', 'eq', self.unconfirmed_email)).count(), 0)
res = self.app.post_json_api(
'{}?send_email=true'.format(self.base_url),
self.data
)
assert_equal(res.status_code, 201)
assert_equal(User.find(Q('username', 'eq', self.unconfirmed_email)).count(), 1)
assert_equal(mock_mail.call_count, 1)
def test_cookied_requests_can_create_and_email(
self, mock_mail, app, user, email_unconfirmed, data, url_base):
session = Session(data={'auth_user_id': user._id})
session.save()
cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(session._id)
app.set_cookie(settings.COOKIE_NAME, str(cookie))
assert OSFUser.objects.filter(username=email_unconfirmed).count() == 0
res = app.post_json_api(
'{}?send_email=true'.format(url_base),
data
)
assert res.status_code == 201
assert OSFUser.objects.filter(username=email_unconfirmed).count() == 1
assert mock_mail.call_count == 1
def test_serialize_revision(self):
sessions.sessions[request._get_current_object()] = Session()
utils.update_analytics(self.project, self.record, 0)
utils.update_analytics(self.project, self.record, 0)
utils.update_analytics(self.project, self.record, 2)
expected = {
'index': 1,
'user': {
'name': self.user.fullname,
'url': self.user.url,
},
'date': self.versions[0].created.isoformat(),
'downloads': 2,
'md5': None,
'sha256': None,
}
observed = utils.serialize_revision(
self.project,
self.record,
self.versions[0],
0,
)
assert_equal(expected, observed)
assert_equal(self.record.get_download_count(), 3)
assert_equal(self.record.get_download_count(version=2), 1)
assert_equal(self.record.get_download_count(version=0), 2)
def test_log_not_logged_in(self, mock_capture):
session_record = Session()
set_session(session_record)
sentry.log_exception()
mock_capture.assert_called_with(extra={
'session': {},
}, )
class TestSloanMetrics(OsfTestCase):
def setUp(self):
super(TestSloanMetrics, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.preprint = PreprintFactory(creator=self.user, is_public=True)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id).decode()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def build_url(self, **kwargs):
options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
action='download',
nid=self.preprint._id,
metrics={'uri': settings.MFR_SERVER_URL},
provider='osfstorage'), **kwargs),
'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
}, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
return api_url_for('get_auth', **options)
@mock.patch('osf.metrics.PreprintDownload.record_for_preprint')
def test_unauth_user_downloads_preprint(self, mock_record):
test_file = create_test_preprint_file(self.preprint, self.user)
resp = django_app.get('/v2/')
# tests unauthenticated user gets cookie.
assert f'{SLOAN_ID_COOKIE_NAME}=' in resp.headers.get('Set-Cookie')
sloan_cookie_value = resp.headers['Set-Cookie'].split('=')[1].split(';')[0]
# tests cookies get sent to impact
self.app.set_cookie(f'dwf_{SLOAN_COI_DISPLAY}', 'True')
self.app.set_cookie(f'dwf_{SLOAN_DATA_DISPLAY}', 'False')
self.app.set_cookie(SLOAN_ID_COOKIE_NAME, sloan_cookie_value)
with override_switch(ELASTICSEARCH_METRICS, active=True):
self.app.get(self.build_url(path=test_file.path))
mock_record.assert_called_with(
path=test_file.path,
preprint=self.preprint,
user=None,
version='1',
sloan_coi=1,
sloan_data=0,
sloan_id=sloan_cookie_value,
)
def test_file_guid_created_with_cookie(self, mock_allow, app, user, file_url, file):
session = Session(data={'auth_user_id': user._id})
session.save()
cookie = itsdangerous.Signer(website_settings.SECRET_KEY).sign(session._id)
app.set_cookie(website_settings.COOKIE_NAME, str(cookie))
res = app.get('{}?create_guid=1'.format(file_url), auth=user.auth)
app.reset() # clear cookie
assert res.status_code == 200
guid = res.json['data']['attributes'].get('guid', None)
assert guid is not None
assert guid == file.get_guid()._id
assert mock_allow.call_count == 1
def test_remove_session_for_user(self):
SessionFactory(user=self.user)
# sanity check
assert Session.find().count() == 1
utils.remove_sessions_for_user(self.user)
assert Session.find().count() == 0
SessionFactory()
SessionFactory(user=self.user)
# sanity check
assert Session.find().count() == 2
utils.remove_sessions_for_user(self.user)
assert Session.find().count() == 1
def test_file_guid_created_with_cookie(self, mock_allow, app, user, file_url, file):
session = Session(data={'auth_user_id': user._id})
session.save()
cookie = itsdangerous.Signer(website_settings.SECRET_KEY).sign(session._id)
app.set_cookie(website_settings.COOKIE_NAME, str(cookie))
res = app.get('{}?create_guid=1'.format(file_url), auth=user.auth)
app.reset() # clear cookie
assert res.status_code == 200
guid = res.json['data']['attributes'].get('guid', None)
assert guid is not None
assert guid == file.get_guid()._id
assert mock_allow.call_count == 1
def test_remove_session_for_user(self):
SessionFactory(user=self.user)
# sanity check
assert Session.find().count() == 1
utils.remove_sessions_for_user(self.user)
assert Session.find().count() == 0
SessionFactory()
SessionFactory(user=self.user)
# sanity check
assert Session.find().count() == 2
utils.remove_sessions_for_user(self.user)
assert Session.find().count() == 1
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def test_remove(self):
session, session2 = Session(data={'auth_user_id': '123ab'}), Session(data={'auth_user_id': 'ab123'})
session.save()
session2.save()
assert Session.objects.count() == 2 # sanity check
Session.remove(Q('data.auth_user_id', 'eq', '123ab'))
assert Session.objects.count() == 1
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def test_confirm_email(self, mock_mail):
user = UnregUserFactory()
auth.register_unconfirmed(
username=user.username,
password='******',
fullname='Rosie',
)
user.reload()
token = user.get_confirmation_token(user.username)
res = self.app.get('/confirm/{}/{}'.format(user._id, token),
allow_redirects=False)
res = res.follow()
assert_equal(res.status_code, 302)
assert_in('login?service=', res.location)
user.reload()
mock_mail.assert_called()
assert_equal(len(mock_mail.call_args_list), 1)
empty, kwargs = mock_mail.call_args
kwargs['user'].reload()
assert_equal(empty, ())
assert_equal(
kwargs, {
'user': user,
'mimetype': 'html',
'mail': mails.WELCOME,
'to_addr': user.username,
})
self.app.set_cookie(settings.COOKIE_NAME, user.get_or_create_cookie())
res = self.app.get('/confirm/{}/{}'.format(user._id, token))
res = res.follow()
assert_equal(res.status_code, 302)
assert_equal('/', urlparse.urlparse(res.location).path)
assert_equal(len(mock_mail.call_args_list), 1)
session = Session.find(Q('data.auth_user_id', 'eq',
user._id)).order_by('-date_modified').first()
assert_equal(len(session.data['status']), 1)
def test_anon_revisions(self):
sessions.sessions[request._get_current_object()] = Session()
utils.update_analytics(self.project, self.record, 0)
utils.update_analytics(self.project, self.record, 0)
utils.update_analytics(self.project, self.record, 2)
expected = {
'index': 2,
'user': None,
'date': self.versions[0].created.isoformat(),
'downloads': 0,
'md5': None,
'sha256': None,
}
observed = utils.serialize_revision(self.project,
self.record,
self.versions[0],
1,
anon=True)
assert_equal(expected, observed)
def setUp(self):
decoratorapp = Flask('decorators')
self.ctx = decoratorapp.test_request_context()
self.ctx.push()
# TODO: Think of something better @sloria @jmcarp
sessions.set_session(Session())
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def configure_osf_addon(self):
self.project = ProjectFactory(creator=self.user)
self.node_addon = self.project.get_addon('osfstorage')
self.node_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems()
if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
@mock.patch('requests.get',{'code': 404, 'referrer': None,'message_short': 'Page not found'})
def test_add_log_timestamptoken(self, mock_perform):
from osf.models import RdmFileTimestamptokenVerifyResult, NodeLog
from api_tests.utils import create_test_file
from website.views import userkey_generation
result_list1_count = RdmFileTimestamptokenVerifyResult.objects.filter(project_id=self.node._id).count()
nodelog_count1 = NodeLog.objects.all().count()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
userkey_generation(self.user._id)
file_node = create_test_file(node=self.node, user=self.user, filename=path)
file_node._path = '/' + path
file_node.save()
metadata = {
'path': path,
'provider': 'osfstorage',
'name': path,
'materialized': '/' + path,
'extra': {
'version': 1
}
}
payload = self.build_payload(metadata=metadata)
logging.info('---test_add_log_timestamptoken.payload: {}'.format(payload))
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
nodelog_count2 = NodeLog.objects.all().count()
assert_equal(nodelog_count1 + 1, nodelog_count2)
result_list2 = RdmFileTimestamptokenVerifyResult.objects.filter(project_id=self.node._id)
assert_true(mock_perform.called, 'perform not called')
## tearDown
import os
from api.base import settings as api_settings
from osf.models import RdmUserKey
rdmuserkey_pvt_key = RdmUserKey.objects.get(guid=self.user.id, key_kind=api_settings.PRIVATE_KEY_VALUE)
pvt_key_path = os.path.join(api_settings.KEY_SAVE_PATH, rdmuserkey_pvt_key.key_name)
os.remove(pvt_key_path)
rdmuserkey_pvt_key.delete()
rdmuserkey_pub_key = RdmUserKey.objects.get(guid=self.user.id, key_kind=api_settings.PUBLIC_KEY_VALUE)
pub_key_path = os.path.join(api_settings.KEY_SAVE_PATH, rdmuserkey_pub_key.key_name)
os.remove(pub_key_path)
rdmuserkey_pub_key.delete()
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, 'perform not called')
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth={'id': None})
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(node.logs.count(), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'}
)
self.node.reload()
assert_equal(
self.node.logs.latest().action,
'github_addon_file_renamed',
)
def test_action_downloads(self):
url = self.node.api_url_for('create_waterbutler_log')
download_actions=('download_file', 'download_zip')
for action in download_actions:
payload = self.build_payload(metadata={'path': 'foo'}, action=action)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=False,
)
assert_equal(res.status_code, 200)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_file_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'file', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' in self.node.logs.filter(action='osf_storage_file_added')[0].params)
def test_add_folder_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'folder', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' not in self.node.logs.filter(action='osf_storage_file_added')[0].params)
class TestViewUtils(OsfTestCase):
def setUp(self):
super(TestViewUtils, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def test_serialize_addons(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[0]['short_name'] == 'github'
assert enabled_addons[1]['short_name'] == 'osfstorage'
default_addons = [addon for addon in addon_dicts if addon['default']]
assert len(default_addons) == 1
assert default_addons[0]['short_name'] == 'osfstorage'
def test_include_template_json(self):
""" Some addons (github, gitlab) need more specialized template infomation so we want to
ensure we get those extra variables that when the addon is enabled.
"""
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[1]['short_name'] == 'osfstorage'
assert enabled_addons[0]['short_name'] == 'github'
assert 'node_has_auth' in enabled_addons[0]
assert 'valid_credentials' in enabled_addons[0]
def test_collect_node_config_js(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
asset_paths = collect_node_config_js(addon_dicts)
# Default addons should be in addon dicts, but they have no js assets because you can't
# connect/disconnect from them, think osfstorage, there's no node-cfg for that.
default_addons = [addon['short_name'] for addon in addon_dicts if addon['default']]
assert not any('/{}/'.format(addon) in asset_paths for addon in default_addons)
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def build_url(self, **kwargs):
options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
action='download',
nid=self.node._id,
provider=self.node_addon.config.short_name), **kwargs),
'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
}, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.app.get(url, auth=self.user.auth)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 200)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.app.get(url, expect_errors=True, auth=self.user.auth)
assert_equal(res.status_code, 400)
@mock.patch('addons.base.views.cas.get_client')
def test_auth_bad_bearer_token(self, mock_cas_client):
mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
url = self.build_url()
res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
assert_equal(res.status_code, 403)
def test_remove_session(self):
session = SessionFactory(user=self.user)
assert Session.find().count() == 1
utils.remove_session(session)
assert Session.find().count() == 0
def tearDown(self, *args, **kwargs):
super(SessionUtilsTestCase, self).tearDown(*args, **kwargs)
User.remove()
Session.remove()
class TestViewUtils(OsfTestCase):
def setUp(self):
super(TestViewUtils, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def test_serialize_addons(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[0]['short_name'] == 'github'
assert enabled_addons[1]['short_name'] == 'osfstorage'
default_addons = [addon for addon in addon_dicts if addon['default']]
assert len(default_addons) == 1
assert default_addons[0]['short_name'] == 'osfstorage'
def test_include_template_json(self):
""" Some addons (github, gitlab) need more specialized template infomation so we want to
ensure we get those extra variables that when the addon is enabled.
"""
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[1]['short_name'] == 'osfstorage'
assert enabled_addons[0]['short_name'] == 'github'
assert 'node_has_auth' in enabled_addons[0]
assert 'valid_credentials' in enabled_addons[0]
def test_collect_node_config_js(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
asset_paths = collect_node_config_js(addon_dicts)
# Default addons should be in addon dicts, but they have no js assets because you can't
# connect/disconnect from them, think osfstorage, there's no node-cfg for that.
default_addons = [addon['short_name'] for addon in addon_dicts if addon['default']]
assert not any('/{}/'.format(addon) in asset_paths for addon in default_addons)
def tearDown(self, *args, **kwargs):
super(SessionUtilsTestCase, self).tearDown(*args, **kwargs)
User.remove()
Session.remove()
def test_remove_session(self):
session = SessionFactory(user=self.user)
assert Session.find().count() == 1
utils.remove_session(session)
assert Session.find().count() == 0
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(
self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {
self.oauth_settings._id: []
}
self.user_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems() if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url,
payload,
headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, 'perform not called')
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path},
auth={'id': None})
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(node.logs.count(), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {
'_id': self.node._id
},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {
'_id': self.node._id
},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(url,
payload,
headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(
self.node.logs.latest().action,
'github_addon_file_renamed',
)
def test_is_authenticated(self):
session = Session(data={'auth_user_id': 'abc12'})
assert session.is_authenticated
session2 = Session()
assert session2.is_authenticated is False
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def build_url(self, **kwargs):
options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
action='download',
nid=self.node._id,
provider=self.node_addon.config.short_name), **kwargs),
'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
}, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.app.get(url, auth=self.user.auth)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 200)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.app.get(url, expect_errors=True, auth=self.user.auth)
assert_equal(res.status_code, 400)
@mock.patch('addons.base.views.cas.get_client')
def test_auth_bad_bearer_token(self, mock_cas_client):
mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
url = self.build_url()
res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
assert_equal(res.status_code, 403)
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def configure_osf_addon(self):
self.project = ProjectFactory(creator=self.user)
self.node_addon = self.project.get_addon('osfstorage')
self.node_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems()
if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, 'perform not called')
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth={'id': None})
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(node.logs.count(), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'}
)
self.node.reload()
assert_equal(
self.node.logs.latest().action,
'github_addon_file_renamed',
)
def test_action_downloads(self):
url = self.node.api_url_for('create_waterbutler_log')
download_actions=('download_file', 'download_zip')
for action in download_actions:
payload = self.build_payload(metadata={'path': 'foo'}, action=action)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=False,
)
assert_equal(res.status_code, 200)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_file_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'file', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' in self.node.logs.filter(action='osf_storage_file_added')[0].params)
def test_add_folder_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'folder', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' not in self.node.logs.filter(action='osf_storage_file_added')[0].params)
def test_loading_by_id(self):
session = Session()
session.save()
assert Session.load(session._id)
def test_loading_by_id(self):
session = Session()
session.save()
assert Session.load(session._id)