def test_get_children_only_returns_child_nodes_with_admin_permissions(self): user = UserFactory() admin_project = ProjectFactory() admin_project.add_contributor( user, auth=Auth(admin_project.creator), permissions=permissions.expand_permissions(permissions.ADMIN) ) admin_project.save() admin_component = NodeFactory(parent=admin_project) admin_component.add_contributor( user, auth=Auth(admin_component.creator), permissions=permissions.expand_permissions(permissions.ADMIN) ) admin_component.save() read_and_write = NodeFactory(parent=admin_project) read_and_write.add_contributor( user, auth=Auth(read_and_write.creator), permissions=permissions.expand_permissions(permissions.WRITE) ) read_and_write.save() read_only = NodeFactory(parent=admin_project) read_only.add_contributor( user, auth=Auth(read_only.creator), permissions=permissions.expand_permissions(permissions.READ) ) read_only.save() non_contributor = NodeFactory(parent=admin_project) components = _get_children(admin_project, Auth(user)) assert_equal(len(components), 1)
def test_get_children_only_returns_child_nodes_with_admin_permissions( self): user = UserFactory() admin_project = ProjectFactory() admin_project.add_contributor( user, auth=Auth(admin_project.creator), permissions=permissions.expand_permissions(permissions.ADMIN)) admin_project.save() admin_component = NodeFactory(parent=admin_project) admin_component.add_contributor( user, auth=Auth(admin_component.creator), permissions=permissions.expand_permissions(permissions.ADMIN)) admin_component.save() read_and_write = NodeFactory(parent=admin_project) read_and_write.add_contributor( user, auth=Auth(read_and_write.creator), permissions=permissions.expand_permissions(permissions.WRITE)) read_and_write.save() read_only = NodeFactory(parent=admin_project) read_only.add_contributor(user, auth=Auth(read_only.creator), permissions=permissions.expand_permissions( permissions.READ)) read_only.save() non_contributor = NodeFactory(parent=admin_project) components = _get_children(admin_project, Auth(user)) assert_equal(len(components), 1)
def test_expand_permissions(): result = permissions.expand_permissions('admin') assert_equal(result, ['read', 'write', 'admin']) result2 = permissions.expand_permissions('write') assert_equal(result2, ['read', 'write']) result3 = permissions.expand_permissions(None) assert_equal(result3, [])
def test_render_node_returns_permissions(self): node = ProjectFactory() admin = UserFactory() node.add_contributor(admin, auth=Auth(node.creator), permissions=permissions.expand_permissions(permissions.ADMIN)) writer = UserFactory() node.add_contributor(writer, auth=Auth(node.creator), permissions=permissions.expand_permissions(permissions.WRITE)) node.save() res_admin = _render_node(node, Auth(admin)) assert_equal(res_admin['permissions'], 'admin') res_writer = _render_node(node, Auth(writer)) assert_equal(res_writer['permissions'], 'write')
def create(self, validated_data): auth = Auth(self.context['request'].user) node = self.context['view'].get_node() contributor = get_object_or_error(User, validated_data['_id'], display_name='user') # Node object checks for contributor existence but can still change permissions anyway if contributor in node.contributors: raise exceptions.ValidationError( '{} is already a contributor'.format(contributor.fullname)) bibliographic = validated_data['bibliographic'] permissions = osf_permissions.expand_permissions( validated_data.get('permission') ) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS node.add_contributor(contributor=contributor, auth=auth, visible=bibliographic, permissions=permissions, save=True) contributor.permission = osf_permissions.reduce_permissions( node.get_permissions(contributor)) contributor.bibliographic = node.get_visible(contributor) contributor.node_id = node._id return contributor
def create(self, validated_data): id = validated_data.get('_id') email = validated_data.get('email') index = validated_data.get('index') node = self.context['view'].get_node() auth = Auth(self.context['request'].user) full_name = validated_data.get('full_name') bibliographic = validated_data.get('bibliographic') send_email = self.context['request'].GET.get('send_email') or 'default' permissions = osf_permissions.expand_permissions(validated_data.get('permission')) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS self.validate_data(node, user_id=id, full_name=full_name, email=email, index=index) if send_email not in self.email_preferences: raise exceptions.ValidationError(detail='{} is not a valid email preference.'.format(send_email)) try: contributor = node.add_contributor_registered_or_not( auth=auth, user_id=id, email=email, full_name=full_name, send_email=send_email, permissions=permissions, bibliographic=bibliographic, index=index, save=True ) except ValidationValueError as e: raise exceptions.ValidationError(detail=e.message) except ValueError as e: raise exceptions.NotFound(detail=e.message) return contributor
def deserialize_contributors(node, user_dicts, auth): """View helper that returns a list of User objects from a list of serialized users (dicts). The users in the list may be registered or unregistered users. e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..}, {'id': None, 'registered': False, 'fullname'...}, {'id': '123ab', 'registered': False, 'fullname': ...}] If a dict represents an unregistered user without an ID, creates a new unregistered User record. :param Node node: The node to add contributors to :param list(dict) user_dicts: List of serialized users in the format above. :param Auth auth: """ # Add the registered contributors contribs = [] for contrib_dict in user_dicts: fullname = contrib_dict['fullname'] visible = contrib_dict['visible'] email = contrib_dict.get('email') if contrib_dict['id']: contributor = User.load(contrib_dict['id']) else: try: contributor = User.create_unregistered(fullname=fullname, email=email) contributor.save() except ValidationValueError: contributor = get_user(username=email) # Add unclaimed record if necessary if (not contributor.is_registered and node._primary_key not in contributor.unclaimed_records): contributor.add_unclaimed_record(node=node, referrer=auth.user, given_name=fullname, email=email) contributor.save() unreg_contributor_added.send(node, contributor=contributor, auth=auth) contribs.append({ 'user': contributor, 'visible': visible, 'permissions': expand_permissions(contrib_dict.get('permission')) }) return contribs
def deserialize_contributors(node, user_dicts, auth, validate=False): """View helper that returns a list of User objects from a list of serialized users (dicts). The users in the list may be registered or unregistered users. e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..}, {'id': None, 'registered': False, 'fullname'...}, {'id': '123ab', 'registered': False, 'fullname': ...}] If a dict represents an unregistered user without an ID, creates a new unregistered User record. :param Node node: The node to add contributors to :param list(dict) user_dicts: List of serialized users in the format above. :param Auth auth: :param bool validate: Whether to validate and sanitize fields (if necessary) """ # Add the registered contributors contribs = [] for contrib_dict in user_dicts: fullname = contrib_dict["fullname"] visible = contrib_dict["visible"] email = contrib_dict.get("email") if validate is True: # Validate and sanitize inputs as needed. Email will raise error if invalid. # TODO Edge case bug: validation and saving are performed in same loop, so all in list # up to the invalid entry will be saved. (communicate to the user what needs to be retried) fullname = sanitize.strip_html(fullname) if not fullname: raise ValidationValueError("Full name field cannot be empty") if email: validate_email(email) # Will raise a ValidationError if email invalid if contrib_dict["id"]: contributor = User.load(contrib_dict["id"]) else: try: contributor = User.create_unregistered(fullname=fullname, email=email) contributor.save() except ValidationValueError: ## FIXME: This suppresses an exception if ID not found & new validation fails; get_user will return None contributor = get_user(email=email) # Add unclaimed record if necessary if not contributor.is_registered and node._primary_key not in contributor.unclaimed_records: contributor.add_unclaimed_record(node=node, referrer=auth.user, given_name=fullname, email=email) contributor.save() contribs.append( {"user": contributor, "visible": visible, "permissions": expand_permissions(contrib_dict.get("permission"))} ) return contribs
def deserialize_contributors(node, user_dicts, auth): """View helper that returns a list of User objects from a list of serialized users (dicts). The users in the list may be registered or unregistered users. e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..}, {'id': None, 'registered': False, 'fullname'...}, {'id': '123ab', 'registered': False, 'fullname': ...}] If a dict represents an unregistered user without an ID, creates a new unregistered User record. :param Node node: The node to add contributors to :param list(dict) user_dicts: List of serialized users in the format above. :param Auth auth: """ # Add the registered contributors contribs = [] for contrib_dict in user_dicts: fullname = contrib_dict['fullname'] visible = contrib_dict['visible'] email = contrib_dict.get('email') if contrib_dict['id']: contributor = User.load(contrib_dict['id']) else: try: contributor = User.create_unregistered( fullname=fullname, email=email) contributor.save() except ValidationValueError: contributor = get_user(email=email) # Add unclaimed record if necessary if (not contributor.is_registered and node._primary_key not in contributor.unclaimed_records): contributor.add_unclaimed_record(node=node, referrer=auth.user, given_name=fullname, email=email) contributor.save() unreg_contributor_added.send(node, contributor=contributor, auth=auth) contribs.append({ 'user': contributor, 'visible': visible, 'permissions': expand_permissions(contrib_dict.get('permission')) }) return contribs
def create(self, validated_data): auth = Auth(self.context['request'].user) node = self.context['view'].get_node() contributor = get_object_or_error(User, validated_data['_id'], display_name='user') # Node object checks for contributor existence but can still change permissions anyway if contributor in node.contributors: raise exceptions.ValidationError('{} is already a contributor'.format(contributor.fullname)) bibliographic = validated_data['bibliographic'] permissions = osf_permissions.expand_permissions(validated_data.get('permission')) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS node.add_contributor(contributor=contributor, auth=auth, visible=bibliographic, permissions=permissions, save=True) contributor.permission = osf_permissions.reduce_permissions(node.get_permissions(contributor)) contributor.bibliographic = node.get_visible(contributor) contributor.node_id = node._id return contributor
def deserialize_contributors(node, user_dicts, auth, validate=False): """View helper that returns a list of User objects from a list of serialized users (dicts). The users in the list may be registered or unregistered users. e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..}, {'id': None, 'registered': False, 'fullname'...}, {'id': '123ab', 'registered': False, 'fullname': ...}] If a dict represents an unregistered user without an ID, creates a new unregistered User record. :param Node node: The node to add contributors to :param list(dict) user_dicts: List of serialized users in the format above. :param Auth auth: :param bool validate: Whether to validate and sanitize fields (if necessary) """ # Add the registered contributors contribs = [] for contrib_dict in user_dicts: fullname = contrib_dict['fullname'] visible = contrib_dict['visible'] email = contrib_dict.get('email') if validate is True: # Validate and sanitize inputs as needed. Email will raise error if invalid. # TODO Edge case bug: validation and saving are performed in same loop, so all in list # up to the invalid entry will be saved. (communicate to the user what needs to be retried) fullname = sanitize.strip_html(fullname) if not fullname: raise ValidationValueError('Full name field cannot be empty') if email is not None: validate_email( email) # Will raise a ValidationError if email invalid if contrib_dict['id']: contributor = User.load(contrib_dict['id']) else: try: contributor = User.create_unregistered(fullname=fullname, email=email) contributor.save() except ValidationValueError: ## FIXME: This suppresses an exception if ID not found & new validation fails; get_user will return None contributor = get_user(email=email) # Add unclaimed record if necessary if (not contributor.is_registered and node._primary_key not in contributor.unclaimed_records): contributor.add_unclaimed_record(node=node, referrer=auth.user, given_name=fullname, email=email) contributor.save() unreg_contributor_added.send(node, contributor=contributor, auth=auth) contribs.append({ 'user': contributor, 'visible': visible, 'permissions': expand_permissions(contrib_dict.get('permission')) }) return contribs