def test_user_can_not_verify_other_token(self): u1 = UserFactory() v1 = VerificationFactory(user=u1) u2 = UserFactory() VerificationFactory(user=u2) form = ConfirmEmailForm( user=u2, token=v1.token, data={"token": v1.token}, ) assert not form.is_valid() assert ["Token is invalid"] == form.errors["token"]
def test_algorithm_update_contains_repo_name(client, uploaded_image): # The algorithm creator should automatically get added to the editors group creator = get_algorithm_creator() VerificationFactory(user=creator, is_verified=True) response = get_view_for_user( viewname="algorithms:create", client=client, method=client.get, follow=True, user=creator, ) assert response.status_code == 200 assert "repo_name" not in response.rendered_content alg = AlgorithmFactory() alg.add_editor(user=creator) response = get_view_for_user( viewname="algorithms:update", client=client, method=client.get, reverse_kwargs={"slug": alg.slug}, follow=True, user=creator, ) assert response.status_code == 200 assert "repo_name" in response.rendered_content
def test_can_only_create_one_validation(self): u = UserFactory() VerificationFactory(user=u) form = VerificationForm(user=u, data={"email": u.email, "user": u}) assert ["You have already made a verification request" ] == form.errors["__all__"]
def test_user_with_verification(self, is_verified): user = UserFactory() VerificationFactory(user=user, is_verified=is_verified) form = SubmissionForm(user=user, creator_must_be_verified=True, data={"creator": user}) assert bool("creator" in form.errors) is not is_verified
def test_user_can_not_verify_other_token(self): call_command("check_permissions") u1 = UserenaSignup.objects.create_user( "userena", "*****@*****.**", "testpassword", active=True ) v1 = VerificationFactory(user=u1) u2 = UserenaSignup.objects.create_user( "userena2", "*****@*****.**", "testpassword", active=True ) VerificationFactory(user=u2) form = ConfirmEmailForm( user=u2, token=v1.token, data={"token": v1.token}, ) assert not form.is_valid() assert ["Token is invalid"] == form.errors["token"]
def test_cannot_make_validation_with_other_validation_email(self): call_command("check_permissions") u = UserenaSignup.objects.create_user( "userena", "*****@*****.**", "testpassword", active=True ) v = VerificationFactory(user=u) form = VerificationForm(user=UserFactory(), data={"email": v.email}) assert ["This email is already in use"] == form.errors["email"]
def test_user_can_verify(self): user = UserFactory() verification = VerificationFactory(user=user) form = ConfirmEmailForm( user=user, token=verification.token, data={"token": verification.token}, ) assert form.is_valid()
def workstation_set(): ws = WorkstationFactory() wsi = WorkstationImageFactory(workstation=ws) e, u, u1 = UserFactory(), UserFactory(), UserFactory() for user in [e, u, u1]: VerificationFactory(user=user, is_verified=True) wss = WorkstationSet(workstation=ws, editor=e, user=u, user1=u1, image=wsi) wss.workstation.add_editor(user=e) wss.workstation.add_user(user=u) return wss
def test_can_only_create_one_validation(self): call_command("check_permissions") u = UserenaSignup.objects.create_user( "userena", "*****@*****.**", "testpassword", active=True ) VerificationFactory(user=u) form = VerificationForm(user=u, data={"email": u.email, "user": u}) assert ["You have already made a verification request"] == form.errors[ "__all__" ]
def test_user_with_verification(self, is_verified): call_command("check_permissions") user = UserenaSignup.objects.create_user("userena", "*****@*****.**", "testpassword", active=True) VerificationFactory(user=user, is_verified=is_verified) form = SubmissionForm(user=user, creator_must_be_verified=True, data={"creator": user}) assert bool("creator" in form.errors) is not is_verified
def test_user_can_verify(self): call_command("check_permissions") user = UserenaSignup.objects.create_user( "userena", "*****@*****.**", "testpassword", active=True ) verification = VerificationFactory(user=user) form = ConfirmEmailForm( user=user, token=verification.token, data={"token": verification.token}, ) assert form.is_valid()
def test_user_can_not_verify_other_token(self, settings): settings.task_eager_propagates = (True, ) settings.task_always_eager = (True, ) u1 = UserFactory() v1 = VerificationFactory(user=u1) u2 = UserFactory() form = ConfirmEmailForm(user=u2, token=v1.token, data={"token": v1.token}) assert not form.is_valid() assert ["Token is invalid"] == form.errors["token"] u1.refresh_from_db() u2.refresh_from_db() v1.refresh_from_db() assert u1.is_active is True assert u2.is_active is False assert v1.is_verified is None
def test_can_upload_more_verified(settings): user = UserFactory() upload = UserUpload.objects.create(creator=user) presigned_urls = upload.generate_presigned_urls(part_numbers=[1]) put(presigned_urls["1"], data=b"123") settings.UPLOADS_MAX_SIZE_UNVERIFIED = 2 assert upload.can_upload_more is False VerificationFactory(user=user, is_verified=True) assert upload.can_upload_more is True settings.UPLOADS_MAX_SIZE_VERIFIED = 2 assert upload.can_upload_more is False
def test_redirect_view(get, post, client): resp = Response() resp.status_code = 200 resp.headers["Content-Type"] = "application/json" resp._content = b'{"access_token": "tok", "expires_in": "3600", "refresh_token": "ref", "refresh_token_expires_in":"7200", "id": 1}' post.return_value = resp get.return_value = resp user = UserFactory() response = get_view_for_user( client=client, viewname="github:install-complete", data={"state": "None"}, user=user, ) assert response.status_code == 404 error_msg = ( '<div class="mb-2">Unfortunately something went wrong while trying ' "to find the requested algorithm.</div><div>If you were trying to " "link a github repository to an algorithm, please do so manually in " "the algorithm's settings.</div>") assert error_msg in response.content.decode("utf-8") alg = AlgorithmFactory() alg.add_editor(user) response = get_view_for_user( client=client, viewname="github:install-complete", data={"state": alg.slug}, user=user, follow=True, ) # User is not verified assert response.status_code == 403 VerificationFactory(user=user, is_verified=True) response = get_view_for_user( client=client, viewname="github:install-complete", data={"state": alg.slug}, user=user, follow=True, ) assert response.status_code == 200 assert f"Add GitHub repository to {alg.title}" in response.rendered_content
def test_algorithm_create(client, uploaded_image): # The algorithm creator should automatically get added to the editors group creator = get_algorithm_creator() VerificationFactory(user=creator, is_verified=True) ws = WorkstationFactory() ci = ComponentInterface.objects.get(slug="generic-medical-image") def try_create_algorithm(): return get_view_for_user( viewname="algorithms:create", client=client, method=client.post, data={ "title": "foo bar", "logo": uploaded_image(), "workstation": ws.pk, "credits_per_job": 1, "image_requires_gpu": False, "image_requires_memory_gb": 4, "inputs": [ci.pk], "outputs": [ComponentInterfaceFactory().pk], "contact_email": creator.email, "display_editors": True, "access_request_handling": AccessRequestHandlingOptions.MANUAL_REVIEW, "view_content": "{}", }, follow=True, user=creator, ) response = try_create_algorithm() assert "error_1_id_workstation" in response.rendered_content # The editor must have view permissions for the workstation to add it ws.add_user(user=creator) response = try_create_algorithm() assert "error_1_id_workstation" not in response.rendered_content assert response.status_code == 200 alg = Algorithm.objects.get(title="foo bar") assert alg.slug == "foo-bar" assert alg.is_editor(user=creator) assert not alg.is_user(user=creator) assert is_following(user=creator, obj=alg)
def test_algorithm_image_create_detail(client): user = UserFactory() VerificationFactory(user=user, is_verified=True) algorithm = AlgorithmFactory() algorithm.add_editor(user) algorithm_image = UserUploadFactory(filename="test_image.tar.gz", creator=user) algorithm_image.status = algorithm_image.StatusChoices.COMPLETED algorithm_image.save() response = get_view_for_user( client=client, viewname="algorithms:image-create", reverse_kwargs={"slug": algorithm.slug}, user=user, ) assert response.status_code == 200 assert AlgorithmImage.objects.all().count() == 0 response = get_view_for_user( client=client, method=client.post, viewname="algorithms:image-create", reverse_kwargs={"slug": algorithm.slug}, user=user, data={ "user_upload": algorithm_image.pk, "requires_memory_gb": 24, "creator": user.pk, "algorithm": algorithm.pk, }, ) assert response.status_code == 302 images = AlgorithmImage.objects.all() assert len(images) == 1 assert images[0].algorithm == algorithm assert response.url == reverse( "algorithms:image-detail", kwargs={ "slug": algorithm.slug, "pk": images[0].pk }, )
def test_autocomplete_for_verified_email(self, client): archive = ArchiveFactory() admin = UserFactory() archive.add_editor(admin) user = UserFactory() VerificationFactory(user=user, is_verified=True) response = get_view_for_user( client=client, viewname="users-autocomplete", user=admin, data={"q": user.verification.email}, ) assert response.status_code == 200 assert str(user.pk) in response.json()["results"][0]["id"]
def test_workstationimage_create(client): u2 = UserFactory() VerificationFactory(user=u2, is_verified=True) w1 = WorkstationFactory() w2 = WorkstationFactory() w2.add_editor(user=u2) user_upload = UserUploadFactory(filename="test_image.tar.gz", creator=u2) user_upload.status = user_upload.StatusChoices.COMPLETED user_upload.save() assert w1.workstationimage_set.count() == 0 assert w2.workstationimage_set.count() == 0 response = get_view_for_user( client=client, method=client.post, viewname="workstations:image-create", reverse_kwargs={"slug": w2.slug}, user=u2, data={ "user_upload": user_upload.pk, "creator": u2.pk, "workstation": w2.pk, "initial_path": "a", "websocket_port": 1337, "http_port": 1234, }, ) assert response.status_code == 302 w1.refresh_from_db() w2.refresh_from_db() assert w1.workstationimage_set.count() == 0 w2_images = w2.workstationimage_set.all() assert len(w2_images) == 1 assert w2_images[0].creator == u2 assert w2_images[0].websocket_port == 1337 assert w2_images[0].http_port == 1234 assert w2_images[0].user_upload == user_upload assert w2_images[0].initial_path == "a"
def test_autocomplete_filter_options(self, client, filter, is_verified): archive = ArchiveFactory() admin = UserFactory() archive.add_editor(admin) first_name = "Jane" last_name = "Doe" if is_verified: u = UserFactory() VerificationFactory(user=u, is_verified=True) u.first_name = first_name u.last_name = last_name u.save() else: u = UserFactory(first_name=first_name, last_name=last_name) u.full_name = u.get_full_name().title() filter_criterion = getattr(u, filter) def get_user_autocomplete(): return get_view_for_user( client=client, viewname="users-autocomplete", user=admin, data={"q": filter_criterion}, ) response = get_user_autocomplete() assert response.status_code == 200 assert str(u.pk) in response.json()["results"][0]["id"] assert ( html_escape(str(u.user_profile.get_mugshot_url())) in response.json()["results"][0]["text"] ) assert u.username in response.json()["results"][0]["text"] assert u.get_full_name() in response.json()["results"][0]["text"] if is_verified: assert ( u.verification.email.split("@")[1] in response.json()["results"][0]["text"] )
def test_autocomplete_for_verified_email(self, client): archive = ArchiveFactory() admin = UserFactory() archive.add_editor(admin) call_command("check_permissions") user = UserenaSignup.objects.create_user("userena", "*****@*****.**", "testpassword", active=True) VerificationFactory(user=user, is_verified=True) response = get_view_for_user( client=client, viewname="users-autocomplete", user=admin, data={"q": user.verification.email}, ) assert response.status_code == 200 assert str(user.pk) in response.json()["results"][0]["id"]
def test_github_webhook(client, settings): settings.GITHUB_WEBHOOK_SECRET = "secret" user = UserFactory() VerificationFactory(user=user, is_verified=True) token = GitHubUserTokenFactory(user=user) data = {"test": "test", "sender": {"id": token.github_user_id}} signature = hmac.new( bytes(settings.GITHUB_WEBHOOK_SECRET, encoding="utf8"), msg=json.dumps(data).encode(), digestmod=hashlib.sha256, ).hexdigest() signature = f"sha256={signature}" assert GitHubWebhookMessage.objects.count() == 0 response = get_view_for_user( client=client, method=client.post, user=user, viewname="api:github-webhook", data=data, content_type="application/json", HTTP_X_HUB_SIGNATURE_256=signature[:-1], ) assert response.status_code == 403 assert GitHubWebhookMessage.objects.count() == 0 response = get_view_for_user( client=client, method=client.post, user=user, viewname="api:github-webhook", data=data, content_type="application/json", HTTP_X_HUB_SIGNATURE_256=signature, ) assert response.status_code == 200 assert GitHubWebhookMessage.objects.count() == 1
def test_permission_required_views(self, client): ai = AlgorithmImageFactory(ready=True) s = RawImageUploadSessionFactory() u = UserFactory() j = AlgorithmJobFactory(algorithm_image=ai) p = AlgorithmPermissionRequestFactory(algorithm=ai.algorithm) VerificationFactory(user=u, is_verified=True) for view_name, kwargs, permission, obj, redirect in [ ("create", {}, "algorithms.add_algorithm", None, None), ( "detail", {"slug": ai.algorithm.slug}, "view_algorithm", ai.algorithm, reverse( "algorithms:permission-request-create", kwargs={"slug": ai.algorithm.slug}, ), ), ( "update", {"slug": ai.algorithm.slug}, "change_algorithm", ai.algorithm, None, ), ( "image-create", {"slug": ai.algorithm.slug}, "change_algorithm", ai.algorithm, None, ), ( "image-detail", {"slug": ai.algorithm.slug, "pk": ai.pk}, "view_algorithmimage", ai, None, ), ( "image-update", {"slug": ai.algorithm.slug, "pk": ai.pk}, "change_algorithmimage", ai, None, ), ( "execution-session-create-batch", {"slug": ai.algorithm.slug}, "execute_algorithm", ai.algorithm, None, ), ( "execution-session-create", {"slug": ai.algorithm.slug}, "execute_algorithm", ai.algorithm, None, ), ( "execution-session-detail", {"slug": ai.algorithm.slug, "pk": s.pk}, "view_rawimageuploadsession", s, None, ), ( "job-experiment-detail", {"slug": ai.algorithm.slug, "pk": j.pk}, "view_job", j, None, ), ( "job-detail", {"slug": ai.algorithm.slug, "pk": j.pk}, "view_job", j, None, ), ( "job-update", {"slug": ai.algorithm.slug, "pk": j.pk}, "change_job", j, None, ), ( "job-viewers-update", {"slug": ai.algorithm.slug, "pk": j.pk}, "change_job", j, None, ), ( "editors-update", {"slug": ai.algorithm.slug}, "change_algorithm", ai.algorithm, None, ), ( "users-update", {"slug": ai.algorithm.slug}, "change_algorithm", ai.algorithm, None, ), ( "permission-request-update", {"slug": ai.algorithm.slug, "pk": p.pk}, "change_algorithm", ai.algorithm, None, ), ]: def _get_view(): return get_view_for_user( client=client, viewname=f"algorithms:{view_name}", reverse_kwargs=kwargs, user=u, ) response = _get_view() if redirect is not None: assert response.status_code == 302 assert response.url == redirect else: assert response.status_code == 403 assign_perm(permission, u, obj) response = _get_view() assert response.status_code == 200 remove_perm(permission, u, obj)
def test_permission_required_views(self, client): e = EvaluationFactory() u = UserFactory() VerificationFactory(user=u, is_verified=True) for view_name, kwargs, permission, obj in [ ( "phase-create", {}, "change_challenge", e.submission.phase.challenge, ), ( "phase-update", { "slug": e.submission.phase.slug }, "change_phase", e.submission.phase, ), ( "method-create", {}, "change_challenge", e.submission.phase.challenge, ), ("method-detail", { "pk": e.method.pk }, "view_method", e.method), ( "submission-create", { "slug": e.submission.phase.slug }, "create_phase_submission", e.submission.phase, ), ( "submission-create-legacy", { "slug": e.submission.phase.slug }, "change_challenge", e.submission.phase.challenge, ), ( "submission-detail", { "pk": e.submission.pk }, "view_submission", e.submission, ), ("update", { "pk": e.pk }, "change_evaluation", e), ("detail", { "pk": e.pk }, "view_evaluation", e), ]: response = get_view_for_user( client=client, viewname=f"evaluation:{view_name}", reverse_kwargs={ "challenge_short_name": e.submission.phase.challenge.short_name, **kwargs, }, user=u, ) assert response.status_code == 403 assign_perm(permission, u, obj) response = get_view_for_user( client=client, viewname=f"evaluation:{view_name}", reverse_kwargs={ "challenge_short_name": e.submission.phase.challenge.short_name, **kwargs, }, user=u, ) assert response.status_code == 200 remove_perm(permission, u, obj)
def test_cannot_make_validation_with_other_validation_email(self): u = UserFactory() v = VerificationFactory(user=u) form = VerificationForm(user=UserFactory(), data={"email": v.email}) assert ["This email is already in use"] == form.errors["email"]