def test_package_dictize_owner_org(self):
org = factories.Organization()
dataset = factories.Dataset(owner_org=org["id"])
dataset_obj = model.Package.get(dataset["id"])
context = {"model": model, "session": model.Session}
result = model_dictize.package_dictize(dataset_obj, context)
assert result["owner_org"] == org["id"]
assert_equal_for_keys(result["organization"], org, "name")
expected_dict = {
u"approval_status": org["approval_status"],
u"description": org["description"],
u"image_url": org["image_url"],
u"is_organization": org["is_organization"],
u"name": org["name"],
u"state": org["state"],
u"title": org["title"],
u"type": org["type"],
}
self.assert_equals_expected(expected_dict, result["organization"])
def test_resource_view_list_private_member(self):
org = factories.Organization()
dataset = factories.Dataset(private=True, owner_org=org['id'])
resource = factories.Resource(package_id=dataset['id'])
user = factories.User()
context = self._get_context(user)
with pytest.raises(logic.NotAuthorized):
helpers.call_auth('resource_view_list',
context=context,
id=resource['id'])
helpers.call_action('package_collaborator_create',
id=dataset['id'],
user_id=user['id'],
capacity='member')
assert helpers.call_auth('resource_view_list',
context=context,
id=resource['id'])
def test_package_dictize_owner_org(self):
org = factories.Organization(name='test_package_dictize')
dataset = factories.Dataset(owner_org=org['id'])
dataset_obj = model.Package.get(dataset['id'])
context = {'model': model, 'session': model.Session}
result = model_dictize.package_dictize(dataset_obj, context)
assert_equal(result['owner_org'], org['id'])
assert_equal_for_keys(result['organization'], org, 'name')
expected_dict = {
u'approval_status': u'approved',
u'description': u'Just another test organization.',
u'image_url': u'http://placekitten.com/g/200/100',
u'is_organization': True,
u'name': u'test_package_dictize',
u'state': u'active',
u'title': u'Test Organization',
u'type': u'organization'
}
self.assert_equals_expected(expected_dict, result['organization'])
def test_does_not_return_editors(self):
"""
By default organization_list_for_user() should not return organizations
that the user is just an editor (not an admin) of.
"""
user = factories.User()
context = {'user': user['name']}
organization = factories.Organization()
helpers.call_action('member_create',
id=organization['id'],
object=user['id'],
object_type='user',
capacity='editor')
organizations = helpers.call_action('organization_list_for_user',
context=context)
assert organizations == []
def test_report_an_issue(self, owner):
org = factories.Organization(user=owner)
dataset = factories.Dataset(owner_org=org['name'])
issue = issue_factories.Issue(user_id=owner['id'],
dataset_id=dataset['id'])
user = factories.User(name='unauthed')
context = {
'user': user['name'],
'model': model,
}
helpers.call_action(
'issue_report',
context=context,
dataset_id=dataset['id'],
issue_number=issue['number']
)
issue_obj = Issue.get(issue['id'])
assert len(issue_obj.abuse_reports) == 1
assert issue_obj.visibility == 'visible'
def test_resource_create_public_editor(self):
org = factories.Organization()
dataset = factories.Dataset(owner_org=org['id'])
user = factories.User()
context = self._get_context(user)
assert_raises(toolkit.NotAuthorized,
helpers.call_auth,
'resource_create',
context=context,
package_id=dataset['id'])
helpers.call_action('dataset_collaborator_create',
id=dataset['id'],
user_id=user['id'],
capacity='editor')
assert helpers.call_auth('resource_create',
context=context,
package_id=dataset['id'])
def test_resource_delete_editor(self):
'''Normally organization admins can delete resources
Our plugin prevents this by blocking delete organization.
Ensure the delete button is not displayed (as only resource delete
is checked for showing this)
'''
user = factories.User()
owner_org = factories.Organization(users=[{
'name': user['id'],
'capacity': 'admin'
}])
dataset = factories.Dataset(owner_org=owner_org['id'])
resource = factories.Resource(package_id=dataset['id'])
with pytest.raises(logic.NotAuthorized) as e:
logic.check_access('resource_delete', {'user': user['name']},
{'id': resource['id']})
assert e.value.message == 'User %s not authorized to delete resource %s' % (
user['name'], resource['id'])
def test_user_delete_removes_memberships_when_using_name(self):
user = factories.User()
factories.Organization(users=[{
u"name": user[u"id"],
u"capacity": u"admin"
}])
factories.Group(users=[{u"name": user[u"id"], u"capacity": u"admin"}])
context = {}
params = {u"id": user[u"name"]}
helpers.call_action(u"user_delete", context, **params)
user_memberships = (model.Session.query(
model.Member).filter(model.Member.table_id == user[u"id"]).all())
# Member objects are still there, but flagged as deleted
assert len(user_memberships) == 2
assert [m.state for m in user_memberships] == [u"deleted", u"deleted"]
def test_dataset_show_private_member(self):
org = factories.Organization()
dataset = factories.Dataset(private=True, owner_org=org['id'])
user = factories.User()
context = self._get_context(user)
assert_raises(toolkit.NotAuthorized,
helpers.call_auth,
'package_show',
context=context,
id=dataset['id'])
helpers.call_action('dataset_collaborator_create',
id=dataset['id'],
user_id=user['id'],
capacity='member')
assert helpers.call_auth('package_show',
context=context,
id=dataset['id'])
def test_resource_create_public_member(self):
org = factories.Organization()
dataset = factories.Dataset(owner_org=org['id'])
user = factories.User()
context = self._get_context(user)
with pytest.raises(logic.NotAuthorized):
helpers.call_auth('resource_create',
context=context,
package_id=dataset['id'])
helpers.call_action('package_collaborator_create',
id=dataset['id'],
user_id=user['id'],
capacity='member')
with pytest.raises(logic.NotAuthorized):
helpers.call_auth('resource_create',
context=context,
package_id=dataset['id'])
def test_resource_view_create_public_editor(self, role):
org = factories.Organization()
dataset = factories.Dataset(owner_org=org['id'])
resource = factories.Resource(package_id=dataset['id'])
user = factories.User()
context = self._get_context(user)
with pytest.raises(logic.NotAuthorized):
helpers.call_auth('resource_view_create',
context=context,
resource_id=resource['id'])
helpers.call_action('package_collaborator_create',
id=dataset['id'],
user_id=user['id'],
capacity=role)
assert helpers.call_auth('resource_view_create',
context=context,
resource_id=resource['id'])
def test_delete_org_by_updating_state(self, app):
user = factories.User()
org = factories.Organization(user=user)
_clear_activities()
org["state"] = "deleted"
helpers.call_action(
"organization_update", context={"user": user["name"]}, **org
)
url = url_for("activity.organization_activity", id=org["id"])
env = {"REMOTE_USER": user["name"]}
response = app.get(url, extra_environ=env)
assert (
'<a href="/user/{}">{}'.format(user["name"], user["fullname"])
in response
)
assert "deleted the organization" in response
assert (
'<a href="/organization/{}">{}'.format(org["name"], org["title"])
in response
)
def test_delete_dataset(self, app):
user = factories.User()
org = factories.Organization()
dataset = factories.Dataset(owner_org=org["id"], user=user)
_clear_activities()
helpers.call_action(
"package_delete", context={"user": user["name"]}, **dataset
)
url = url_for("activity.organization_activity", id=org["id"])
response = app.get(url)
page = BeautifulSoup(response.body)
href = page.select_one(".dataset")
assert (
'<a href="/user/{}">{}'.format(user["name"], user["fullname"])
in response
)
assert "deleted the dataset" in response
assert dataset["id"] in href.select_one("a")["href"].split("/", 2)[-1]
assert dataset["title"] in href.text.strip()
def test_change_organization(self, app):
user = factories.User()
org = factories.Organization(user=user)
_clear_activities()
org["title"] = "Organization with changed title"
helpers.call_action(
"organization_update", context={"user": user["name"]}, **org
)
url = url_for("activity.organization_activity", id=org["id"])
response = app.get(url)
assert (
'<a href="/user/{}">{}'.format(user["name"], user["fullname"])
in response
)
assert "updated the organization" in response
assert (
'<a href="/organization/{}">Organization with changed title'
.format(org["name"])
in response
)
def test_organization_patch_updating_single_field(self):
user = factories.User()
organization = factories.Organization(name="economy",
description="some test now",
user=user)
organization = helpers.call_action(
"organization_patch",
id=organization["id"],
description="somethingnew",
context={"user": user["name"]},
)
assert organization["name"] == "economy"
assert organization["description"] == "somethingnew"
organization2 = helpers.call_action("organization_show",
id=organization["id"])
assert organization2["name"] == "economy"
assert organization2["description"] == "somethingnew"
def test_package_dictize_owner_org(self):
org = factories.Organization(name="test_package_dictize")
dataset = factories.Dataset(owner_org=org["id"])
dataset_obj = model.Package.get(dataset["id"])
context = {"model": model, "session": model.Session}
result = model_dictize.package_dictize(dataset_obj, context)
assert result["owner_org"] == org["id"]
assert_equal_for_keys(result["organization"], org, "name")
expected_dict = {
u"approval_status": u"approved",
u"description": u"Just another test organization.",
u"image_url": u"https://placekitten.com/g/200/100",
u"is_organization": True,
u"name": u"test_package_dictize",
u"state": u"active",
u"title": u"Test Organization",
u"type": u"organization",
}
self.assert_equals_expected(expected_dict, result["organization"])
def test_resource_version_create_editor_user(self):
user = factories.User()
owner_org = factories.Organization(users=[{
'name': user['name'],
'capacity': 'editor'
}])
dataset = factories.Dataset(owner_org=owner_org['id'])
resource = factories.Resource(package_id=dataset['id'])
version = resource_version_create(get_context(user), {
'resource_id': resource['id'],
'name': '1',
'notes': 'Version notes'
})
assert version
assert version['package_id'] == dataset['id']
assert version['resource_id'] == resource['id']
assert version['notes'] == 'Version notes'
assert version['name'] == '1'
assert version['creator_user_id'] == user['id']
def test_api_dcserv_trace_list(app, create_with_upload):
user = factories.User()
owner_org = factories.Organization(users=[{
'name': user['id'],
'capacity': 'admin'
}])
# Note: `call_action` bypasses authorization!
create_context = {
'ignore_auth': False,
'user': user['name'],
'api_version': 3
}
# create a dataset
dataset, res = make_dataset(create_context,
owner_org,
create_with_upload=create_with_upload,
activate=True)
# taken from ckanext/example_iapitoken/tests/test_plugin.py
data = helpers.call_action(
u"api_token_create",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
name=u"token-name",
)
resp = app.get("/api/3/action/dcserv",
params={
"id": res["id"],
"query": "trace_list",
},
headers={u"authorization": data["token"]},
status=200)
jres = json.loads(resp.body)
assert jres["success"]
with dclab.new_dataset(data_path / "calibration_beads_47.rtdc") as ds:
for key in ds["trace"]:
assert key in jres["result"]
def test_custom_datastore_create_with_resource(self):
user = factories.Sysadmin()
context = {'user': user['name']}
organization = factories.Organization()
with open('ckanext/dataquality/tests/test_create_dataset.json'
) as data_file:
kwargs = json.load(data_file)
kwargs['owner_org'] = organization.get('name')
dataset = helpers.call_action('package_create',
context=context,
**kwargs)
data_dict = datastore_create_mock(valid=False)
data_dict['resource'] = {
'package_id': dataset['name'],
'validation': '1'
}
result = helpers.call_action('custom_datastore_create',
context=context,
**data_dict)
assert 'validation_report' in result
data_dict = datastore_create_mock(valid=False)
data_dict['resource'] = {
'package_id': dataset['name'],
'validation': 'enforce'
}
result = helpers.call_action('custom_datastore_create',
context=context,
**data_dict)
assert 'validation_report' in result
assert result['message'] == \
'Resource cannot be inserted in Datastore due to errors.'
def test_resource_create_same_name_forbidden():
"""do not allow uploading resources with the same name"""
user = factories.User()
owner_org = factories.Organization(users=[{
'name': user['id'],
'capacity': 'admin'
}])
# Note: `call_action` bypasses authorization!
# create 1st dataset
create_context1 = {'ignore_auth': False,
'user': user['name'],
'api_version': 3}
dataset = make_dataset(create_context1, owner_org,
activate=False)
path = data_path / "calibration_beads_47.rtdc"
# create the first resource
with path.open('rb') as fd:
upload = cgi.FieldStorage()
upload.filename = path.name
upload.file = fd
helpers.call_action("resource_create", create_context1,
package_id=dataset["id"],
upload=upload,
url="upload",
name=path.name,
)
# attempt creation of second resource with same name
create_context2 = {'ignore_auth': False,
'user': user['name'], 'api_version': 3}
with path.open('rb') as fd:
upload = cgi.FieldStorage()
upload.filename = path.name
upload.file = fd
with pytest.raises(logic.ValidationError):
helpers.call_action("resource_create", create_context2,
package_id=dataset["id"],
upload=upload,
url="upload",
name=path.name,
)
def test_purged_dataset_leaves_no_trace_in_the_model(self):
factories.Group(name='group1')
org = factories.Organization()
dataset = factories.Dataset(
tags=[{'name': 'tag1'}],
groups=[{'name': 'group1'}],
owner_org=org['id'],
extras=[{'key': 'testkey', 'value': 'testvalue'}])
factories.Resource(package_id=dataset['id'])
num_revisions_before = model.Session.query(model.Revision).count()
helpers.call_action('dataset_purge',
context={'ignore_auth': True},
id=dataset['name'])
num_revisions_after = model.Session.query(model.Revision).count()
# the Package and related objects are gone
assert_equals(model.Session.query(model.Package).all(), [])
assert_equals(model.Session.query(model.Resource).all(), [])
assert_equals(model.Session.query(model.PackageTag).all(), [])
# there is no clean-up of the tag object itself, just the PackageTag.
assert_equals([t.name for t in model.Session.query(model.Tag).all()],
['tag1'])
assert_equals(model.Session.query(model.PackageExtra).all(), [])
# the only member left is for the user created in factories.Group() and
# factories.Organization()
assert_equals(sorted(
[(m.table_name, m.group.name)
for m in model.Session.query(model.Member).join(model.Group)]),
[('user', 'group1'), ('user', org['name'])])
# all the object revisions were purged too
assert_equals(model.Session.query(model.PackageRevision).all(), [])
assert_equals(model.Session.query(model.ResourceRevision).all(), [])
assert_equals(model.Session.query(model.PackageTagRevision).all(), [])
# PackageExtraRevision is not revisioned
# Member is not revisioned
# No Revision objects were purged or created
assert_equals(num_revisions_after - num_revisions_before, 0)
def test_owned_dataset_company_users_with_admin_should_edit(self):
org = factories.Organization()
fred = factories.User(name='fred')
bob = factories.User(name='bob')
alice = factories.User(name='alice')
member_fred = {
'username': fred['name'],
'role': 'admin',
'id': org['id']
}
helpers.call_action('organization_member_create', **member_fred)
member_bob = {
'username': bob['name'],
'role': 'admin',
'id': org['id']
}
helpers.call_action('organization_member_create', **member_bob)
dataset = factories.Dataset(user=fred,
owner_org=org['name'],
managing_users="bob")
context = {'model': model, 'user': '******'}
params = {
'id': dataset['id'],
}
result = helpers.call_auth('package_update', context=context, **params)
assert result == True
context = {'model': model, 'user': '******'}
result = helpers.call_auth('package_update', context=context, **params)
assert result == True
#Alice is not in the organization
context = {'model': model, 'user': '******'}
nose.tools.assert_raises(logic.NotAuthorized,
helpers.call_auth,
'package_update',
context=context,
**params)
def test_organization_autocomplete_by_name(self):
org = factories.Organization(name='simple-dummy-org')
url = url_for(controller='api',
action='organization_autocomplete',
ver='/2')
assert_equal(url, '/api/2/util/organization/autocomplete')
app = self._get_test_app()
response = app.get(
url=url,
params={
'q': u'simple',
},
status=200,
)
results = json.loads(response.body)
assert_equal(len(results), 1)
assert_equal(results[0]['name'], 'simple-dummy-org')
assert_equal(results[0]['title'], org['title'])
assert_equal(response.headers['Content-Type'],
'application/json;charset=utf-8')
def test_user_delete_removes_memberships_when_using_name(self):
user = factories.User()
factories.Organization(users=[{
u'name': user[u'id'],
u'capacity': u'admin'
}])
factories.Group(users=[{u'name': user[u'id'], u'capacity': u'admin'}])
context = {}
params = {u'id': user[u'name']}
helpers.call_action(u'user_delete', context, **params)
user_memberships = model.Session.query(
model.Member).filter(model.Member.table_id == user[u'id']).all()
# Member objects are still there, but flagged as deleted
assert_equals(len(user_memberships), 2)
assert_equals([m.state for m in user_memberships],
[u'deleted', u'deleted'])
def test_logged_in_users_cannot_delete_resources_they_do_not_own(self):
# setup our dataset
owner = factories.User()
owner_org = factories.Organization(users=[{
'name': owner['id'],
'capacity': 'admin'
}])
dataset = factories.Dataset(owner_org=owner_org['id'])
resource = factories.Resource(package_id=dataset['id'])
# access as another user
user = factories.User()
env = {'REMOTE_USER': user['name'].encode('ascii')}
app = helpers._get_test_app()
response = app.post(url_for(controller='package',
action='resource_delete',
id=dataset['name'],
resource_id=resource['id']),
extra_environ=env,
expect_errors=True)
assert_equal(401, response.status_int)
response.mustcontain('Unauthorized to delete package')
def test_not_authorized_if_user_has_no_permissions_on_dataset(self):
org = factories.Organization()
user = factories.User()
member = {'username': user['name'],
'role': 'admin',
'id': org['id']}
helpers.call_action('organization_member_create', **member)
user_2 = factories.User()
dataset = factories.Dataset(owner_org=org['id'])
resource = factories.Resource(package_id=dataset['id'])
context = {'user': user_2['name'], 'model': core_model}
nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth,
'resource_create_default_resource_views',
context=context,
resource=resource)
def test_auth_forbidden(app, create_with_upload):
user = factories.User()
user2 = factories.User()
owner_org = factories.Organization(users=[{
'name': user['id'],
'capacity': 'admin'
}])
# Note: `call_action` bypasses authorization!
create_context = {
'ignore_auth': False,
'user': user['name'],
'api_version': 3
}
# create a dataset
dataset, res = make_dataset(create_context,
owner_org,
create_with_upload=create_with_upload,
activate=True,
private=True)
# taken from ckanext/example_iapitoken/tests/test_plugin.py
data2 = helpers.call_action(
u"api_token_create",
context={
u"model": model,
u"user": user2[u"name"]
},
user=user2[u"name"],
name=u"token-name",
)
resp = app.get("/api/3/action/dcserv",
params={
"id": res["id"],
"query": "valid",
},
headers={u"authorization": data2["token"]},
status=403)
jres = json.loads(resp.body)
assert not jres["success"]
assert "not authorized to read resource" in jres["error"]["message"]
def test_datastore_delete_private_member(self):
org = factories.Organization()
dataset = factories.Dataset(private=True, owner_org=org[u'id'])
resource = factories.Resource(package_id=dataset[u'id'])
user = factories.User()
context = self._get_context(user)
with pytest.raises(logic.NotAuthorized):
helpers.call_auth(u'datastore_delete',
context=context,
resource_id=resource[u'id'])
helpers.call_action(u'package_collaborator_create',
id=dataset[u'id'],
user_id=user[u'id'],
capacity=u'member')
with pytest.raises(logic.NotAuthorized):
helpers.call_auth(u'datastore_delete',
context=context,
resource_id=resource[u'id'])
def test_make_private(self, app, user):
env = {"Authorization": user["token"]}
self.organization = factories.Organization(user=user)
datasets = [
factories.Dataset(owner_org=self.organization["id"], private=False)
for _ in range(0, 5)
]
form = {'dataset_' + d["id"]: "on" for d in datasets}
form["bulk_action.private"] = "private"
app.post(
url=url_for(
"organization.bulk_process", id=self.organization["id"]
),
extra_environ=env,
data=form
)
for dataset in datasets:
d = helpers.call_action("package_show", id=dataset["id"])
assert d["private"]
def test_all_fields_saved(self, app, user):
env = {"Authorization": user["token"]}
group = factories.Organization(user=user)
app.post(
url=url_for(
"organization.edit", id=group["id"]
),
extra_environ=env,
data={
"name": u"all-fields-edited",
"title": "Science",
"description": "Sciencey datasets",
"image_url": "http://example.com/image.png",
"save": ""
}
)
group = helpers.call_action(
"organization_show", id=group["id"]
)
assert group["title"] == u"Science"
assert group["description"] == "Sciencey datasets"
assert group["image_url"] == "http://example.com/image.png"
