def test_get_accessible_filepath_ids(self):
self._set_processed_data_private()
# shared has access to all study files and analysis files
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set([1, 2, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17,
18, 19, 20]))
# Now shared should not have access to the study files
self._unshare_studies()
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set([12, 13, 14, 15]))
# Now shared should not have access to any files
self._unshare_analyses()
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set())
# Now shared has access to public study files
self._set_processed_data_public()
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set([1, 2, 5, 6, 7, 11, 16, 19, 20]))
# Test that it doesn't break: if the SampleTemplate hasn't been added
exp = set([1, 2, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20])
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
info = {
"timeseries_type_id": 1,
"metadata_complete": True,
"mixs_compliant": True,
"number_samples_collected": 4,
"number_samples_promised": 4,
"portal_type_id": 3,
"study_alias": "TestStudy",
"study_description": "Description of a test study",
"study_abstract": "No abstract right now...",
"emp_person_id": 1,
"principal_investigator_id": 1,
"lab_person_id": 1
}
Study.create(User('*****@*****.**'), "Test study", [1], info)
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
# test in case there is a prep template that failed
self.conn_handler.execute(
"INSERT INTO qiita.prep_template (data_type_id, raw_data_id) "
"VALUES (2,1)")
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
# admin should have access to everything
count = self.conn_handler.execute_fetchone("SELECT count(*) FROM "
"qiita.filepath")[0]
exp = set(range(1, count + 1))
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
def get(self, filepath_id):
filepath_id = int(filepath_id)
# Check access to file
accessible_filepaths = get_accessible_filepath_ids(self.current_user)
if filepath_id not in accessible_filepaths:
raise QiitaPetAuthorizationError(
self.current_user, 'filepath id %s' % str(filepath_id))
relpath = filepath_id_to_rel_path(filepath_id)
fname = basename(relpath)
# If we don't have nginx, write a file that indicates this
self.write("This installation of Qiita was not equipped with nginx, "
"so it is incapable of serving files. The file you "
"attempted to download is located at %s" % relpath)
self.set_header('Content-Description', 'File Transfer')
self.set_header('Content-Type', 'application/octet-stream')
self.set_header('Content-Transfer-Encoding', 'binary')
self.set_header('Expires', '0')
self.set_header('Cache-Control', 'no-cache')
self.set_header('X-Accel-Redirect', '/protected/' + relpath)
self.set_header('Content-Disposition',
'attachment; filename=%s' % fname)
self.finish()
def get(self, filepath_id):
filepath_id = int(filepath_id)
# Check access to file
accessible_filepaths = get_accessible_filepath_ids(self.current_user)
if filepath_id not in accessible_filepaths:
raise QiitaPetAuthorizationError(
self.current_user, 'filepath id %s' % str(filepath_id))
relpath = filepath_id_to_rel_path(filepath_id)
fname = basename(relpath)
# If we don't have nginx, write a file that indicates this
self.write("This installation of Qiita was not equipped with nginx, "
"so it is incapable of serving files. The file you "
"attempted to download is located at %s" % relpath)
self.set_header('Content-Description', 'File Transfer')
self.set_header('Content-Type', 'application/octet-stream')
self.set_header('Content-Transfer-Encoding', 'binary')
self.set_header('Expires', '0')
self.set_header('Cache-Control', 'no-cache')
self.set_header('X-Accel-Redirect', '/protected/' + relpath)
self.set_header('Content-Disposition',
'attachment; filename=%s' % fname)
self.finish()
def test_get_accessible_filepath_ids(self):
self._set_studies_private()
# shared has access to all study files and analysis files
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs,
set([1, 2, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 18]))
# Now shared should not have access to the study files
self._unshare_studies()
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set([12, 13, 14, 15]))
# Now shared should not have access to any files
self._unshare_analyses()
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, set())
# Test that it doesn't break: if the SampleTemplate hasn't been added
exp = set([1, 2, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 18])
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
info = {
"timeseries_type_id": 1,
"metadata_complete": True,
"mixs_compliant": True,
"number_samples_collected": 4,
"number_samples_promised": 4,
"portal_type_id": 3,
"study_alias": "TestStudy",
"study_description": "Description of a test study",
"study_abstract": "No abstract right now...",
"emp_person_id": 1,
"principal_investigator_id": 1,
"lab_person_id": 1
}
Study.create(User('*****@*****.**'), "Test study", [1], info)
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
# test in case there is a prep template that failed
self.conn_handler.execute(
"INSERT INTO qiita.prep_template (data_type_id, raw_data_id) "
"VALUES (2,1)")
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
# admin should have access to everything
count = self.conn_handler.execute_fetchone("SELECT count(*) FROM "
"qiita.filepath")[0]
exp = set(range(1, count + 1))
obs = get_accessible_filepath_ids(User('*****@*****.**'))
self.assertEqual(obs, exp)
