def test_unit__get_all_manageable(self): admin = DBSession.query(User) \ .filter(User.email == '*****@*****.**').one() uapi = UserApi(admin) # Checks a case without workspaces. wapi = WorkspaceApi(current_user=admin) eq_([], wapi.get_all_manageable()) # Checks an admin gets all workspaces. w4 = wapi.create_workspace(label='w4') w3 = wapi.create_workspace(label='w3') w2 = wapi.create_workspace(label='w2') w1 = wapi.create_workspace(label='w1') eq_([w1, w2, w3, w4], wapi.get_all_manageable()) # Checks a regular user gets none workspace. gapi = GroupApi(None) u = uapi.create_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True) wapi = WorkspaceApi(current_user=u) rapi = RoleApi(current_user=u) rapi.create_one(u, w4, UserRoleInWorkspace.READER, False) rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, False) rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, False) rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([], wapi.get_all_manageable()) # Checks a manager gets only its own workspaces. u.groups.append(gapi.get_one(Group.TIM_MANAGER)) rapi.delete_one(u.user_id, w2.workspace_id) rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, False) eq_([w1, w2], wapi.get_all_manageable())
def test_unit__get_all_manageable(self): admin = DBSession.query(User) \ .filter(User.email == '*****@*****.**').one() uapi = UserApi(admin) # Checks a case without workspaces. wapi = WorkspaceApi(current_user=admin) eq_([], wapi.get_all_manageable()) # Checks an admin gets all workspaces. w4 = wapi.create_workspace(label='w4') w3 = wapi.create_workspace(label='w3') w2 = wapi.create_workspace(label='w2') w1 = wapi.create_workspace(label='w1') eq_([w1, w2, w3, w4], wapi.get_all_manageable()) # Checks a regular user gets none workspace. gapi = GroupApi(None) u = uapi.create_user('[email protected]', [gapi.get_one(Group.TIM_USER)], True) wapi = WorkspaceApi(current_user=u) rapi = RoleApi(current_user=u) off = 'off' rapi.create_one(u, w4, UserRoleInWorkspace.READER, off) rapi.create_one(u, w3, UserRoleInWorkspace.CONTRIBUTOR, off) rapi.create_one(u, w2, UserRoleInWorkspace.CONTENT_MANAGER, off) rapi.create_one(u, w1, UserRoleInWorkspace.WORKSPACE_MANAGER, off) eq_([], wapi.get_all_manageable()) # Checks a manager gets only its own workspaces. u.groups.append(gapi.get_one(Group.TIM_MANAGER)) rapi.delete_one(u.user_id, w2.workspace_id) rapi.create_one(u, w2, UserRoleInWorkspace.WORKSPACE_MANAGER, off) eq_([w1, w2], wapi.get_all_manageable())
def test_mark_read(self): uapi = UserApi(None) groups = [GroupApi(None).get_one(Group.TIM_USER), GroupApi(None).get_one(Group.TIM_MANAGER), GroupApi(None).get_one(Group.TIM_ADMIN)] user_a = uapi.create_user(email='this.is@user', groups=groups, save_now=True) user_b = uapi.create_user(email='*****@*****.**', groups=groups, save_now=True) wapi = WorkspaceApi(user_a) workspace = wapi.create_workspace( 'test workspace', save_now=True) role_api = RoleApi(user_a) role_api.create_one(user_b, workspace, UserRoleInWorkspace.READER, False) cont_api_a = ContentApi(user_a) cont_api_b = ContentApi(user_b) page_1 = cont_api_a.create(ContentType.Page, workspace, None, 'this is a page', do_save=True) for rev in page_1.revisions: eq_(user_b not in rev.read_by.keys(), True) cont_api_b.mark_read(page_1) for rev in page_1.revisions: eq_(user_b in rev.read_by.keys(), True)
def test_mark_read__all(self): uapi = UserApi(None) groups = [ GroupApi(None).get_one(Group.TIM_USER), GroupApi(None).get_one(Group.TIM_MANAGER), GroupApi(None).get_one(Group.TIM_ADMIN) ] user_a = uapi.create_user(email='this.is@user', groups=groups, save_now=True) user_b = uapi.create_user(email='*****@*****.**', groups=groups, save_now=True) wapi = WorkspaceApi(user_a) workspace = wapi.create_workspace('test workspace', save_now=True) role_api = RoleApi(user_a) role_api.create_one(user_b, workspace, UserRoleInWorkspace.READER, False) cont_api_a = ContentApi(user_a) cont_api_b = ContentApi(user_b) page_2 = cont_api_a.create(ContentType.Page, workspace, None, 'this is page1', do_save=True) page_3 = cont_api_a.create(ContentType.Thread, workspace, None, 'this is page2', do_save=True) page_4 = cont_api_a.create(ContentType.File, workspace, None, 'this is page3', do_save=True) for rev in page_2.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b not in rev.read_by.keys(), True) DBSession.refresh(page_2) DBSession.refresh(page_3) DBSession.refresh(page_4) cont_api_b.mark_read__all() for rev in page_2.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b in rev.read_by.keys(), True)
def post(self, name, description): # FIXME - Check user profile user = tmpl_context.current_user workspace_api_controller = WorkspaceApi(user) workspace = workspace_api_controller.create_workspace(name, description) tg.flash(_('{} workspace created.').format(workspace.label), CST.STATUS_OK) tg.redirect(self.url()) return
def test_get_notifiable_roles(self): admin = DBSession.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi(admin) w = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi(admin) u = uapi.create_user(email='[email protected]', save_now=True) eq_([], wapi.get_notifiable_roles(workspace=w)) rapi = RoleApi(u) r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif=True) eq_([r, ], wapi.get_notifiable_roles(workspace=w)) u.is_active = False eq_([], wapi.get_notifiable_roles(workspace=w))
def test_get_notifiable_roles(self): admin = DBSession.query(User) \ .filter(User.email == '*****@*****.**').one() wapi = WorkspaceApi(admin) w = wapi.create_workspace(label='workspace w', save_now=True) uapi = UserApi(admin) u = uapi.create_user(email='[email protected]', save_now=True) eq_([], wapi.get_notifiable_roles(workspace=w)) rapi = RoleApi(u) r = rapi.create_one(u, w, UserRoleInWorkspace.READER, with_notif='on') eq_([r, ], wapi.get_notifiable_roles(workspace=w)) u.is_active = False eq_([], wapi.get_notifiable_roles(workspace=w))
def post(self, name, description, calendar_enabled: str='off'): # FIXME - Check user profile user = tmpl_context.current_user workspace_api_controller = WorkspaceApi(user) calendar_enabled = on_off_to_boolean(calendar_enabled) workspace = workspace_api_controller.create_workspace(name, description) workspace.calendar_enabled = calendar_enabled DBSession.flush() tg.flash(_('{} workspace created.').format(workspace.label), CST.STATUS_OK) tg.redirect(self.url()) return
def post(self, name, description, calendar_enabled: str = 'off'): # FIXME - Check user profile user = tmpl_context.current_user workspace_api_controller = WorkspaceApi(user) calendar_enabled = on_off_to_boolean(calendar_enabled) workspace = workspace_api_controller.create_workspace( name, description) workspace.calendar_enabled = calendar_enabled DBSession.flush() tg.flash( _('{} workspace created.').format(workspace.label), CST.STATUS_OK) tg.redirect(self.url()) return
def post(self, name, description, calendar_enabled: str='off'): # FIXME - Check user profile user = tmpl_context.current_user workspace_api_controller = WorkspaceApi(user) calendar_enabled = on_off_to_boolean(calendar_enabled) # Display error page to user if chosen label is in conflict if not self._path_validation.workspace_label_is_free(name): return render_invalid_integrity_chosen_path(name) workspace = workspace_api_controller.create_workspace( name, description, calendar_enabled=calendar_enabled, save_now=True, ) tg.flash(_('{} workspace created.').format(workspace.label), CST.STATUS_OK) tg.redirect(self.url()) return
def post(self, name, description, calendar_enabled: str='off'): # FIXME - Check user profile user = tmpl_context.current_user workspace_api_controller = WorkspaceApi(user) calendar_enabled = on_off_to_boolean(calendar_enabled) # Display error page to user if chosen label is in conflict if not self._path_validation.workspace_label_is_free(name): return render_invalid_integrity_chosen_path(name) workspace = workspace_api_controller.create_workspace( name, description, calendar_enabled=calendar_enabled, save_now=True, ) tg.flash(_('{} workspace created.').format(workspace.label), CST.STATUS_OK) tg.redirect(self.url()) return
def test_mark_read__workspace(self): uapi = UserApi(None) groups = [GroupApi(None).get_one(Group.TIM_USER), GroupApi(None).get_one(Group.TIM_MANAGER), GroupApi(None).get_one(Group.TIM_ADMIN)] user_a = uapi.create_user(email='this.is@user', groups=groups, save_now=True) user_b = uapi.create_user(email='*****@*****.**', groups=groups, save_now=True) wapi = WorkspaceApi(user_a) workspace1 = wapi.create_workspace( 'test workspace n°1', save_now=True) workspace2 = wapi.create_workspace( 'test workspace n°2', save_now=True) role_api1 = RoleApi(user_a) role_api1.create_one(user_b, workspace1, UserRoleInWorkspace.READER, False) role_api2 = RoleApi(user_a) role_api2.create_one(user_b, workspace2, UserRoleInWorkspace.READER, False) cont_api_a = ContentApi(user_a) cont_api_b = ContentApi(user_b) # Creates page_1 & page_2 in workspace 1 # and page_3 & page_4 in workspace 2 page_1 = cont_api_a.create(ContentType.Page, workspace1, None, 'this is a page', do_save=True) page_2 = cont_api_a.create(ContentType.Page, workspace1, None, 'this is page1', do_save=True) page_3 = cont_api_a.create(ContentType.Thread, workspace2, None, 'this is page2', do_save=True) page_4 = cont_api_a.create(ContentType.File, workspace2, None, 'this is page3', do_save=True) for rev in page_1.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b not in rev.read_by.keys(), True) # Set as read the workspace n°1 cont_api_b.mark_read__workspace(workspace=workspace1) for rev in page_1.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b not in rev.read_by.keys(), True) # Set as read the workspace n°2 cont_api_b.mark_read__workspace(workspace=workspace2) for rev in page_1.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b in rev.read_by.keys(), True)
class Root(DAVCollection): """ Root ressource that represents tracim's home, which contains all workspaces """ def __init__(self, path: str, environ: dict): super(Root, self).__init__(path, environ) self.user = UserApi(None).get_one_by_email(environ['http_authenticator.username']) # TODO BS 20170221: Web interface should list all workspace to. We # disable it here for moment. When web interface will be updated to # list all workspace, change this here to. self.workspace_api = WorkspaceApi(self.user, force_role=True) def __repr__(self) -> str: return '<DAVCollection: Root>' def getMemberNames(self) -> [str]: """ This method returns the names (here workspace's labels) of all its children Though for perfomance issue, we're not using this function anymore """ return [workspace.label for workspace in self.workspace_api.get_all()] def getMember(self, label: str) -> DAVCollection: """ This method returns the child Workspace that corresponds to a given name Though for perfomance issue, we're not using this function anymore """ try: workspace = self.workspace_api.get_one_by_label(label) workspace_path = '%s%s%s' % (self.path, '' if self.path == '/' else '/', transform_to_display(workspace.label)) return Workspace(workspace_path, self.environ, workspace) except AttributeError: return None def createEmptyResource(self, name: str): """ This method is called whenever the user wants to create a DAVNonCollection resource (files in our case). There we don't allow to create files at the root; only workspaces (thus collection) can be created. """ raise DAVError(HTTP_FORBIDDEN) def createCollection(self, name: str): """ This method is called whenever the user wants to create a DAVCollection resource as a child (in our case, we create workspaces as this is the root). [For now] we don't allow to create new workspaces through webdav client. Though if we come to allow it, deleting the error's raise will make it possible. """ # TODO : remove comment here # raise DAVError(HTTP_FORBIDDEN) new_workspace = self.workspace_api.create_workspace(name) self.workspace_api.save(new_workspace) workspace_path = '%s%s%s' % ( self.path, '' if self.path == '/' else '/', transform_to_display(new_workspace.label)) transaction.commit() return Workspace(workspace_path, self.environ, new_workspace) def getMemberList(self): """ This method is called by wsgidav when requesting with a depth > 0, it will return a list of _DAVResource of all its direct children """ members = [] for workspace in self.workspace_api.get_all(): workspace_path = '%s%s%s' % (self.path, '' if self.path == '/' else '/', workspace.label) members.append(Workspace(workspace_path, self.environ, workspace)) return members
def insert(self): admin = self._session.query(model.User) \ .filter(model.User.email == '*****@*****.**') \ .one() bob = self._session.query(model.User) \ .filter(model.User.email == '*****@*****.**') \ .one() admin_workspace_api = WorkspaceApi(admin) bob_workspace_api = WorkspaceApi(bob) content_api = ContentApi(admin) role_api = RoleApi(admin) # Workspaces w1 = admin_workspace_api.create_workspace('w1', save_now=True) w2 = bob_workspace_api.create_workspace('w2', save_now=True) w3 = admin_workspace_api.create_workspace('w3', save_now=True) # Workspaces roles role_api.create_one( user=bob, workspace=w1, role_level=UserRoleInWorkspace.CONTENT_MANAGER, with_notif=False, ) # Folders w1f1 = content_api.create( content_type=ContentType.Folder, workspace=w1, label='w1f1', do_save=True, ) w1f2 = content_api.create( content_type=ContentType.Folder, workspace=w1, label='w1f2', do_save=True, ) w2f1 = content_api.create( content_type=ContentType.Folder, workspace=w2, label='w2f1', do_save=True, ) w2f2 = content_api.create( content_type=ContentType.Folder, workspace=w2, label='w2f2', do_save=True, ) w3f1 = content_api.create( content_type=ContentType.Folder, workspace=w3, label='w3f3', do_save=True, ) # Pages, threads, .. w1f1p1 = content_api.create( content_type=ContentType.Page, workspace=w1, parent=w1f1, label='w1f1p1', do_save=True, ) w1f1t1 = content_api.create( content_type=ContentType.Thread, workspace=w1, parent=w1f1, label='w1f1t1', do_save=False, ) w1f1t1.description = 'w1f1t1 description' self._session.add(w1f1t1) w1f1d1_txt = content_api.create( content_type=ContentType.File, workspace=w1, parent=w1f1, label='w1f1d1', do_save=False, ) w1f1d1_txt.file_extension = '.txt' w1f1d1_txt.depot_file = FileIntent( b'w1f1d1 content', 'w1f1d1.txt', 'text/plain', ) self._session.add(w1f1d1_txt) w1f1d2_html = content_api.create( content_type=ContentType.File, workspace=w1, parent=w1f1, label='w1f1d2', do_save=False, ) w1f1d2_html.file_extension = '.html' w1f1d2_html.depot_file = FileIntent( b'<p>w1f1d2 content</p>', 'w1f1d2.html', 'text/html', ) self._session.add(w1f1d2_html) w1f1f1 = content_api.create( content_type=ContentType.Folder, workspace=w1, label='w1f1f1', parent=w1f1, do_save=True, ) w2f1p1 = content_api.create( content_type=ContentType.Page, workspace=w2, parent=w2f1, label='w2f1p1', do_save=True, ) self._session.flush()
class Root(DAVCollection): """ Root ressource that represents tracim's home, which contains all workspaces """ def __init__(self, path: str, environ: dict): super(Root, self).__init__(path, environ) self.user = UserApi(None).get_one_by_email( environ['http_authenticator.username']) self.workspace_api = WorkspaceApi(self.user) def __repr__(self) -> str: return '<DAVCollection: Root>' def getMemberNames(self) -> [str]: """ This method returns the names (here workspace's labels) of all its children Though for perfomance issue, we're not using this function anymore """ return [workspace.label for workspace in self.workspace_api.get_all()] def getMember(self, label: str) -> DAVCollection: """ This method returns the child Workspace that corresponds to a given name Though for perfomance issue, we're not using this function anymore """ try: workspace = self.workspace_api.get_one_by_label(label) workspace_path = '%s%s%s' % ( self.path, '' if self.path == '/' else '/', self.provider.transform_to_display(workspace.label)) return Workspace(workspace_path, self.environ, workspace) except AttributeError: return None def createEmptyResource(self, name: str): """ This method is called whenever the user wants to create a DAVNonCollection resource (files in our case). There we don't allow to create files at the root; only workspaces (thus collection) can be created. """ raise DAVError(HTTP_FORBIDDEN) def createCollection(self, name: str): """ This method is called whenever the user wants to create a DAVCollection resource as a child (in our case, we create workspaces as this is the root). [For now] we don't allow to create new workspaces through webdav client. Though if we come to allow it, deleting the error's raise will make it possible. """ # TODO : remove comment here # raise DAVError(HTTP_FORBIDDEN) new_workspace = self.workspace_api.create_workspace(name) self.workspace_api.save(new_workspace) workspace_path = '%s%s%s' % ( self.path, '' if self.path == '/' else '/', self.provider.transform_to_display(new_workspace.label)) transaction.commit() return Workspace(workspace_path, self.environ, new_workspace) def getMemberList(self): """ This method is called by wsgidav when requesting with a depth > 0, it will return a list of _DAVResource of all its direct children """ members = [] for workspace in self.workspace_api.get_all(): workspace_path = '%s%s%s' % (self.path, '' if self.path == '/' else '/', workspace.label) members.append(Workspace(workspace_path, self.environ, workspace)) return members
def insert(self): admin = self._session.query(model.User) \ .filter(model.User.email == '*****@*****.**') \ .one() bob = self._session.query(model.User) \ .filter(model.User.email == '*****@*****.**') \ .one() workspace_api = WorkspaceApi(admin) content_api = ContentApi(admin) role_api = RoleApi(admin) # Workspaces w1 = workspace_api.create_workspace('w1', save_now=True) w2 = workspace_api.create_workspace('w2', save_now=True) w3 = workspace_api.create_workspace('w3', save_now=True) # Workspaces roles role_api.create_one( user=bob, workspace=w1, role_level=UserRoleInWorkspace.CONTENT_MANAGER, with_notif=False, ) role_api.create_one( user=bob, workspace=w2, role_level=UserRoleInWorkspace.CONTENT_MANAGER, with_notif=False, ) w1f1 = content_api.create( content_type=ContentType.Folder, workspace=w1, label='w1f1', do_save=True, ) w1f2 = content_api.create( content_type=ContentType.Folder, workspace=w1, label='w1f2', do_save=True, ) # Folders w2f1 = content_api.create( content_type=ContentType.Folder, workspace=w2, label='w1f1', do_save=True, ) w2f2 = content_api.create( content_type=ContentType.Folder, workspace=w2, label='w2f2', do_save=True, ) w3f1 = content_api.create( content_type=ContentType.Folder, workspace=w3, label='w3f3', do_save=True, ) # Pages, threads, .. w1f1p1 = content_api.create( content_type=ContentType.Page, workspace=w1, parent=w1f1, label='w1f1p1', do_save=True, ) w1f1t1 = content_api.create( content_type=ContentType.Thread, workspace=w1, parent=w1f1, label='w1f1t1', do_save=False, ) w1f1t1.description = 'w1f1t1 description' self._session.add(w1f1t1) w1f1d1 = content_api.create( content_type=ContentType.File, workspace=w1, parent=w1f1, label='w1f1d1', do_save=False, ) w1f1d1.file_extension = '.txt' w1f1d1.file_content = b'w1f1d1 content' self._session.add(w1f1d1) w2f1p1 = content_api.create( content_type=ContentType.Page, workspace=w2, parent=w2f1, label='w2f1p1', do_save=True, ) self._session.flush()
def test_mark_read__workspace(self): uapi = UserApi(None) groups = [ GroupApi(None).get_one(Group.TIM_USER), GroupApi(None).get_one(Group.TIM_MANAGER), GroupApi(None).get_one(Group.TIM_ADMIN) ] user_a = uapi.create_user(email='this.is@user', groups=groups, save_now=True) user_b = uapi.create_user(email='*****@*****.**', groups=groups, save_now=True) wapi = WorkspaceApi(user_a) workspace1 = wapi.create_workspace('test workspace n°1', save_now=True) workspace2 = wapi.create_workspace('test workspace n°2', save_now=True) role_api1 = RoleApi(user_a) role_api1.create_one(user_b, workspace1, UserRoleInWorkspace.READER, False) role_api2 = RoleApi(user_a) role_api2.create_one(user_b, workspace2, UserRoleInWorkspace.READER, False) cont_api_a = ContentApi(user_a) cont_api_b = ContentApi(user_b) # Creates page_1 & page_2 in workspace 1 # and page_3 & page_4 in workspace 2 page_1 = cont_api_a.create(ContentType.Page, workspace1, None, 'this is a page', do_save=True) page_2 = cont_api_a.create(ContentType.Page, workspace1, None, 'this is page1', do_save=True) page_3 = cont_api_a.create(ContentType.Thread, workspace2, None, 'this is page2', do_save=True) page_4 = cont_api_a.create(ContentType.File, workspace2, None, 'this is page3', do_save=True) for rev in page_1.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b not in rev.read_by.keys(), True) # Set as read the workspace n°1 cont_api_b.mark_read__workspace(workspace=workspace1) for rev in page_1.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b not in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b not in rev.read_by.keys(), True) # Set as read the workspace n°2 cont_api_b.mark_read__workspace(workspace=workspace2) for rev in page_1.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_2.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_3.revisions: eq_(user_b in rev.read_by.keys(), True) for rev in page_4.revisions: eq_(user_b in rev.read_by.keys(), True)