def test_total_users_count(self):
"""Test total_users return 1 if there is one user"""
UserFactory.create()
count = self.user_repo.total_users()
assert count == 1, count
def test_user_not_allowed_actions_user(self, caching_mock):
"""Test POST, PUT and DELETE for USER actions are not allowed for user
in the API"""
clean_user_mock = MagicMock()
caching_mock.get.return_value = dict(refresh=clean_user_mock)
admin = UserFactory.create()
auth = UserFactory.create()
user = UserFactory.create()
url = 'api/user'
res = self.app.post(url + '?api_key=%s' % auth.api_key,
data=json.dumps(user.to_public_json()))
data = json.loads(res.data)
assert res.status_code == 405, res.status_code
assert data['status_code'] == 405, data
# Update another user
url += '/%s' % user.id
res = self.app.put(url + '?api_key=%s' % auth.api_key,
data=json.dumps(dict(name='new')))
assert res.status_code == 403, res.data
res = self.app.delete(url + '?apikey=%s' % auth.api_key)
assert res.status_code == 405, res.status_code
# Update the same user
url = 'api/user/%s' % auth.id
res = self.app.put(url + '?api_key=%s' % auth.api_key,
data=json.dumps(dict(name='new')))
data = json.loads(res.data)
assert res.status_code == 200, res.data
assert data['name'] == 'new', data
clean_user_mock.assert_called_with(data['id'])
def test_org_decline_invitation(self):
user_a = UserFactory.create(email="*****@*****.**")
user_b = UserFactory.create(email="*****@*****.**")
org = create_sample_organization(user_a, org_kwargs={
'name': u"My first org",
})
project = create_sample_project(user_a, project_kwargs={
'org': org
})
auth = AuthorizationAssociation.objects.create(
org=org,
user=user_b,
is_active=False,
is_admin=True
)
auth_p = AuthorizationAssociation.objects.create(
project=project,
user=user_b,
is_active=False,
is_admin=True
)
url = reverse("my_notifications")
response = self.app.get(url, user=user_b)
self.assertContains(response, org.name)
form = response.forms['form_decline_{0}'.format(auth.pk)]
response = form.submit().follow()
self.assertContains(response, "Invitation has been declined")
auth_filter = AuthorizationAssociation.objects.filter(pk=auth.pk)
self.assertFalse(auth_filter.exists())
auth_filter = AuthorizationAssociation.objects.filter(pk=auth_p.pk)
self.assertFalse(auth_filter.exists())
def test_org_accept_invitation(self):
user_a = UserFactory.create(email="*****@*****.**")
user_b = UserFactory.create(email="*****@*****.**")
org = create_sample_organization(user_a, org_kwargs={
'name': u"My first org",
})
project = create_sample_project(user_a, project_kwargs={
'org': org
})
auth = AuthorizationAssociation.objects.create(
org=org,
user=user_b,
is_active=False,
is_admin=True
)
project.add_user(user_b, is_active=False)
project = Project.objects.get(pk=project.pk)
self.assertFalse(project.can_read(user_b))
url = reverse("my_notifications")
response = self.app.get(url, user=user_b)
self.assertContains(response, org.name)
form = response.forms['form_accept_{0}'.format(auth.pk)]
response = form.submit().follow()
self.assertContains(response, "You are now a member of this "
"organization")
auth = AuthorizationAssociation.objects.get(pk=auth.pk)
self.assertTrue(auth.is_active)
project = Project.objects.get(pk=project.pk)
self.assertTrue(project.can_read(user_b))
def test_parse_post(self):
response = '''{"comments": {"can_post": 0, "count": 4},
"date": 1298365200,
"from_id": 55555,
"geo": {"coordinates": "55.6745689498 37.8724562529",
"place": {"city": "Moskovskaya oblast",
"country": "Russian Federation",
"title": "Shosseynaya ulitsa, Moskovskaya oblast"},
"type": "point"},
"id": 465,
"likes": {"can_like": 1, "can_publish": 1, "count": 10, "user_likes": 0},
"online": 1,
"post_source": {"type": "api"},
"reply_count": 0,
"reposts": {"count": 3, "user_reposted": 0},
"text": "qwerty",
"to_id": 201164356}
'''
instance = Post()
owner = UserFactory.create(remote_id=201164356) # Travis Djangov
author = UserFactory.create(remote_id=55555)
instance.parse(json.loads(response))
instance.save()
self.assertTrue(instance.remote_id.startswith('201164356_'))
self.assertEqual(instance.wall_owner, owner)
self.assertEqual(instance.author, author)
self.assertEqual(instance.reply_count, 0)
self.assertEqual(instance.likes, 10)
self.assertEqual(instance.reposts, 3)
self.assertEqual(instance.comments, 4)
self.assertEqual(instance.text, 'qwerty')
self.assertTrue(isinstance(instance.date, datetime))
def test_get_total_users_returns_number_of_users(self):
expected_number_of_users = 3
UserFactory.create_batch(expected_number_of_users)
total_users = cached_users.get_total_users()
assert total_users == expected_number_of_users, total_users
def test_taskrun_cannot_be_deleted_associated_result_variation_2(self):
"""Test API taskrun cannot be deleted when a result is associated
variation."""
root = UserFactory.create(admin=True)
results = self.create_result(filter_by=True)
project = project_repo.get(results[0].project_id)
task = task_repo.get_task(results[0].task_id)
task.n_answers = 30
task_repo.update(task)
volunteer = UserFactory.create()
tr_delete = TaskRunFactory.create(task=task, user=volunteer)
results = result_repo.filter_by(project_id=project.id, task_id=task.id)
assert len(results) == 1, len(results)
# Owner
for result in results:
for tr in result.task_run_ids:
url = '/api/taskrun/%s?api_key=%s' % (tr, root.api_key)
res = self.app.delete(url)
assert_equal(res.status, '403 FORBIDDEN', res.status)
url = '/api/taskrun/%s?api_key=%s' % (tr_delete.id,
volunteer.api_key)
res = self.app.delete(url)
assert_equal(res.status, '204 NO CONTENT', res.status)
def test_user_not_allowed_actions_admin (self):
"""Test POST, PUT and DELETE for ADMIN actions are not allowed for user
in the API"""
admin = UserFactory.create()
auth = UserFactory.create()
user = UserFactory.create()
url = 'api/user'
res = self.app.post(url + '?api_key=%s' % admin.api_key,
data=json.dumps(user.to_public_json()))
data = json.loads(res.data)
assert res.status_code == 405, res.status_code
assert data['status_code'] == 405, data
# Update another user
url += '/%s' % user.id
new_info = user.info
new_info['foo'] = 'bar'
res = self.app.put(url + '?api_key=%s' % admin.api_key,
data=json.dumps(dict(name='new', info=new_info)))
data = json.loads(res.data)
assert res.status_code == 200, res.data
assert data['name'] == 'new', data
assert data['info']['foo'] == 'bar', data
res = self.app.delete(url + '?apikey=%s' % auth.api_key)
assert res.status_code == 405, res.status_code
# Update the same user
url = 'api/user/%s' % admin.id
res = self.app.put(url + '?api_key=%s' % admin.api_key,
data=json.dumps(dict(name='newadmin')))
data = json.loads(res.data)
assert res.status_code == 200, res.data
assert data['name'] == 'newadmin', data
def test_order_allocations(app):
org = OrganizationFactory.create()
u1 = UserFactory.create(organization=org)
u2 = UserFactory.create(organization=org)
u3 = UserFactory.create(organization=org)
vendor = VendorFactory.create()
order = Order(
ordered_by=u1, vendor=vendor,
for_date=date.today(), placed_at=datetime.now(),
)
db.session.add(order)
db.session.commit()
assert order.total_amount == Decimal("0.00")
oc1 = OrderContribution(order=order, user=u1, amount=Decimal("10.80"))
db.session.add(oc1)
db.session.commit()
assert order.total_amount == Decimal("10.80")
oc2 = OrderContribution(order=order, user=u2, amount=Decimal("2.50"))
db.session.add(oc2)
db.session.commit()
assert order.total_amount == Decimal("13.30")
oc3 = OrderContribution(order=order, user=u3, amount=Decimal("4.75"))
db.session.add(oc3)
db.session.commit()
assert order.total_amount == Decimal("18.05")
def test_project_revoke_invitation(self):
user_a = UserFactory.create(email="*****@*****.**")
user_b = UserFactory.create(email="*****@*****.**")
project = create_sample_project(user_a, project_kwargs={
'name': u"My first project",
})
project.add_user(user_b)
url = reverse("dashboard")
response = self.app.get(url, user=user_b)
self.assertContains(response, u"My first project")
auth = AuthorizationAssociation.objects.get(
project=project,
user=user_b
)
url = reverse("project_auth_delete", args=(project.pk, auth.pk))
self.app.get(url, user=user_b, status=403)
response = self.app.get(url, user=user_a)
form = response.forms['delete_form']
response = form.submit().follow()
self.assertContains(
response,
'User {0} has been revoked.'.format(user_b.email),
)
url = reverse("dashboard")
response = self.app.get(url, user=user_b)
self.assertNotContains(response, u"My first project")
def test_query_post_favorites_auth(self):
"""Test API POST Favorites works for user."""
user = UserFactory.create()
user2 = UserFactory.create()
task = TaskFactory.create()
url = self.url + '?api_key=%s' % user.api_key
res = self.app.post(url, data=json.dumps(dict(task_id=task.id)))
data = json.loads(res.data)
assert res.status_code == 200, res.status_code
assert data['fav_user_ids'] == [user.id], data
url = self.url + '?api_key=%s' % user2.api_key
res = self.app.post(url, data=json.dumps(dict(task_id=task.id)))
data = json.loads(res.data)
assert res.status_code == 200, res.status_code
assert user.id in data['fav_user_ids'], data
assert user2.id in data['fav_user_ids'], data
url = self.url + '?api_key=%s' % user2.api_key
res = self.app.post(url, data=json.dumps(dict(task_id=4000000000)))
data = json.loads(res.data)
assert res.status_code == 404, res.status_code
assert data['status_code'] == 404, data
url = self.url + '?api_key=%s' % user2.api_key
res = self.app.post(url, data=json.dumps(dict(task_id=task.id)))
data = json.loads(res.data)
assert res.status_code == 200, res.status_code
assert user.id in data['fav_user_ids'], data
assert user2.id in data['fav_user_ids'], data
def test_delete_blogpost(self, mock_delete):
"""Test API Blogpost delete post (DEL)."""
mock_delete.return_value = True
admin = UserFactory.create()
owner = UserFactory.create()
user = UserFactory.create()
project = ProjectFactory.create(owner=owner)
blogpost = BlogpostFactory.create(project=project)
blogpost2 = BlogpostFactory.create(project=project)
# As anon
url = '/api/blogpost/%s' % blogpost.id
res = self.app.delete(url)
data = json.loads(res.data)
assert res.status_code == 401, res.status_code
# As user
url = '/api/blogpost/%s?api_key=%s' % (blogpost.id, user.api_key)
res = self.app.delete(url)
assert res.status_code == 403, res.status_code
# As owner
url = '/api/blogpost/%s?api_key=%s' % (blogpost.id, owner.api_key)
res = self.app.delete(url)
assert res.status_code == 204, res.status_code
assert mock_delete.called_with(blogpost.info['file_name'],
blogpost.info['container'])
# As admin
url = '/api/blogpost/%s?api_key=%s' % (blogpost2.id, admin.api_key)
res = self.app.delete(url)
assert res.status_code == 204, res.status_code
def test_user_03_respects_limit_tasks(self):
""" Test SCHED newtask respects the limit of 30 TaskRuns per Task"""
project = ProjectFactory.create(info=dict(sched='depth_first_all'),
owner=UserFactory.create(id=500))
orig_tasks = TaskFactory.create_batch(1, project=project, n_answers=10)
user = UserFactory.create()
tasks = get_depth_first_all_task(project.id, user.id)
assert len(tasks) == 1, len(tasks)
assert tasks[0].id == orig_tasks[0].id, tasks
assert tasks[0].state == 'ongoing', tasks
for i in range(10):
tr = TaskRun(project_id=project.id,
task_id=orig_tasks[0].id,
user_ip='127.0.0.%s' % i)
db.session.add(tr)
db.session.commit()
tasks = get_depth_first_all_task(project.id, user.id)
assert len(tasks) == 1, len(tasks)
assert tasks[0].id == orig_tasks[0].id, tasks
assert tasks[0].state == 'completed', tasks
assert len(tasks[0].task_runs) == 10, tasks
tr = TaskRun(project_id=project.id,
task_id=orig_tasks[0].id,
user_id=user.id)
db.session.add(tr)
db.session.commit()
tasks = get_depth_first_all_task(project.id, user.id)
assert len(tasks) == 0, tasks
def test_result_post(self):
"""Test API Result creation"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
project = ProjectFactory.create(owner=user)
data = dict(info='final result')
# anonymous user
# no api-key
res = self.app.post('/api/result', data=json.dumps(data))
error_msg = 'Should not be allowed to create'
assert_equal(res.status, '401 UNAUTHORIZED', error_msg)
### real user but not allowed as not owner!
res = self.app.post('/api/result?api_key=' + non_owner.api_key,
data=json.dumps(data))
error_msg = 'Should not be able to post tasks for projects of others'
assert_equal(res.status, '403 FORBIDDEN', error_msg)
# now a real user
res = self.app.post('/api/result?api_key=' + user.api_key,
data=json.dumps(data))
assert_equal(res.status, '403 FORBIDDEN', error_msg)
# now the root user
res = self.app.post('/api/result?api_key=' + admin.api_key,
data=json.dumps(data))
assert_equal(res.status, '403 FORBIDDEN', error_msg)
# POST with not JSON data
url = '/api/result?api_key=%s' % user.api_key
res = self.app.post(url, data=data)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'ValueError', err
# POST with not allowed args
res = self.app.post(url + '&foo=bar', data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'AttributeError', err
# POST with fake data
data['wrongfield'] = 13
res = self.app.post(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'TypeError', err
def test_notify_news_admins(self):
user = UserFactory.create(admin=False)
user2 = UserFactory.create(admin=False)
notify_news_admins()
key = "notify:admin:%s" % user2.id
value = sentinel.slave.get(key)
err_msg = "Key should not exist"
assert value is None, err_msg
def test_user_check_duplicated_username(self):
# create a user
UserFactory.create(username='******')
# try to create another user with the same username
self.data.update({'username': '******'})
response = self.client.post(reverse('accounts_registration'), self.data)
self.assertContains(response, u'Erro ao processar formulário')
def test_admins_can_delete_any_user(self):
"""Test admins users can delete any given user"""
himself = UserFactory.create()
other_user = UserFactory.create()
assert himself.id == self.mock_admin.id
assert other_user.id != self.mock_admin.id
assert_not_raises(Exception, getattr(require, 'user').delete, other_user)
def test_get_users(self):
tyrion = UserFactory.create(name='Tyrion Lannister')
theon = UserFactory.create(name='reek', fullname='Theon Greyjoy')
retrieved_users = self.user_repo.get_users([tyrion.id, theon.id])
assert any(user == tyrion for user in retrieved_users)
assert any(user == theon for user in retrieved_users)
def test_get_by_returns_none_if_no_user(self):
"""Test get_by returns None if no user matches the query"""
UserFactory.create(name='Tyrion Lannister')
user = self.user_repo.get_by(name='no_name')
assert user is None, user
def test_admins_can_delete_any_user(self):
"""Test admins users can delete any given user"""
himself = UserFactory.create()
other_user = UserFactory.create()
assert himself.id == self.mock_admin.id
assert other_user.id != self.mock_admin.id
assert_not_raises(Exception, ensure_authorized_to, 'delete', other_user)
def test_limits_query(self):
"""Test API GET limits works"""
owner = UserFactory.create()
projects = ProjectFactory.create_batch(30, owner=owner)
for project in projects:
task = TaskFactory.create(project=project)
TaskRunFactory.create(task=task)
res = self.app.get('/api/project')
data = json.loads(res.data)
assert len(data) == 20, len(data)
res = self.app.get('/api/project?limit=10')
data = json.loads(res.data)
assert len(data) == 10, len(data)
# DEPRECATED
res = self.app.get('/api/project?limit=10&offset=10')
data = json.loads(res.data)
assert len(data) == 10, len(data)
assert data[0].get('name') == projects[10].name, data[0]
# Keyset pagination
url = '/api/project?limit=10&last_id=%s' % projects[9].id
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 10, len(data)
assert data[0].get('name') == projects[10].name, data[0]
res = self.app.get('/api/task')
data = json.loads(res.data)
assert len(data) == 20, len(data)
res = self.app.get('/api/taskrun')
data = json.loads(res.data)
assert len(data) == 20, len(data)
UserFactory.create_batch(30)
res = self.app.get('/api/user')
data = json.loads(res.data)
assert len(data) == 20, len(data)
res = self.app.get('/api/user?limit=10')
data = json.loads(res.data)
assert len(data) == 10, len(data)
# DEPRECATED
res = self.app.get('/api/user?limit=10&offset=10')
data = json.loads(res.data)
assert len(data) == 10, len(data)
assert data[0].get('name') == 'user11', data
res = self.app.get('/api/user?limit=10&last_id=10')
data = json.loads(res.data)
assert len(data) == 10, len(data)
assert data[0].get('name') == 'user11', data
def test_filter_by_no_matches(self):
"""Test filter_by returns an empty list if no users match the query"""
UserFactory.create(name='reek', fullname='Theon Greyjoy')
retrieved_users = self.user_repo.filter_by(name='asha')
assert isinstance(retrieved_users, list)
assert len(retrieved_users) == 0, retrieved_users
def test_result_update(self):
"""Test API result update"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
data = dict(info=dict(foo='bar'))
datajson = json.dumps(data)
result = self.create_result(owner=user)
## anonymous
res = self.app.put('/api/result/%s' % result.id, data=datajson)
assert_equal(res.status, '401 UNAUTHORIZED', res.status)
### real user but not allowed as not owner!
url = '/api/result/%s?api_key=%s' % (result.id, non_owner.api_key)
res = self.app.put(url, data=datajson)
assert_equal(res.status, '403 FORBIDDEN', res.status)
### real user
url = '/api/result/%s?api_key=%s' % (result.id, user.api_key)
res = self.app.put(url, data=datajson)
out = json.loads(res.data)
assert_equal(res.status, '200 OK', res.data)
assert_equal(result.info['foo'], data['info']['foo'])
assert result.id == out['id'], out
### root
res = self.app.put('/api/result/%s?api_key=%s' % (result.id, admin.api_key),
data=datajson)
assert_equal(res.status, '403 FORBIDDEN', res.status)
# PUT with not JSON data
res = self.app.put(url, data=None)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'ValueError', err
# PUT with not allowed args
res = self.app.put(url + "&foo=bar", data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'AttributeError', err
# PUT with fake data
data['wrongfield'] = 13
res = self.app.put(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'result', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'TypeError', err
def test_result_update(self):
"""Test API result update"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
data = dict(info=dict(foo="bar"))
datajson = json.dumps(data)
result = self.create_result(owner=user)
## anonymous
res = self.app.put("/api/result/%s" % result.id, data=datajson)
assert_equal(res.status, "401 UNAUTHORIZED", res.status)
### real user but not allowed as not owner!
url = "/api/result/%s?api_key=%s" % (result.id, non_owner.api_key)
res = self.app.put(url, data=datajson)
assert_equal(res.status, "403 FORBIDDEN", res.status)
### real user
url = "/api/result/%s?api_key=%s" % (result.id, user.api_key)
res = self.app.put(url, data=datajson)
out = json.loads(res.data)
assert_equal(res.status, "200 OK", res.data)
assert_equal(result.info["foo"], data["info"]["foo"])
assert result.id == out["id"], out
### root
res = self.app.put("/api/result/%s?api_key=%s" % (result.id, admin.api_key), data=datajson)
assert_equal(res.status, "403 FORBIDDEN", res.status)
# PUT with not JSON data
res = self.app.put(url, data=None)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "PUT", err
assert err["exception_cls"] == "ValueError", err
# PUT with not allowed args
res = self.app.put(url + "&foo=bar", data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "PUT", err
assert err["exception_cls"] == "AttributeError", err
# PUT with fake data
data["wrongfield"] = 13
res = self.app.put(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "PUT", err
assert err["exception_cls"] == "TypeError", err
def test_result_post(self):
"""Test API Result creation"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
project = ProjectFactory.create(owner=user)
data = dict(info="final result")
# anonymous user
# no api-key
res = self.app.post("/api/result", data=json.dumps(data))
error_msg = "Should not be allowed to create"
assert_equal(res.status, "401 UNAUTHORIZED", error_msg)
### real user but not allowed as not owner!
res = self.app.post("/api/result?api_key=" + non_owner.api_key, data=json.dumps(data))
error_msg = "Should not be able to post tasks for projects of others"
assert_equal(res.status, "403 FORBIDDEN", error_msg)
# now a real user
res = self.app.post("/api/result?api_key=" + user.api_key, data=json.dumps(data))
assert_equal(res.status, "403 FORBIDDEN", error_msg)
# now the root user
res = self.app.post("/api/result?api_key=" + admin.api_key, data=json.dumps(data))
assert_equal(res.status, "403 FORBIDDEN", error_msg)
# POST with not JSON data
url = "/api/result?api_key=%s" % user.api_key
res = self.app.post(url, data=data)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "POST", err
assert err["exception_cls"] == "ValueError", err
# POST with not allowed args
res = self.app.post(url + "&foo=bar", data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "POST", err
assert err["exception_cls"] == "AttributeError", err
# POST with fake data
data["wrongfield"] = 13
res = self.app.post(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err["status"] == "failed", err
assert err["target"] == "result", err
assert err["action"] == "POST", err
assert err["exception_cls"] == "TypeError", err
def test_delete_if_correct_user(self):
new_user = UserFactory()
new_user.set_password('asdf')
new_user.save()
total_users = User.objects.count()
self.client.login(username=new_user.username, password='******')
response = self.client.post(reverse('users:destroy', kwargs={'pk': new_user.pk}), {'_method': 'delete'})
self.assertRedirects(response, reverse('home'))
self.assertEqual(User.objects.count(), total_users - 1)
class LoginTest(TestCase):
def test_root(self):
self.c = Client()
self.u = UserFactory()
self.u.set_password("test")
self.u.save()
self.c.login(username=self.u.username, password="******")
response = self.c.get("/")
self.assertEquals(response.status_code, 200)
def test_get_user_summary_user_exists(self):
"""Test CACHE USERS get_user_summary returns a dict with the user data
if the user exists"""
UserFactory.create(name='zidane')
UserFactory.create(name='figo')
zizou = cached_users.get_user_summary('zidane')
assert type(zizou) is dict, type(zizou)
assert zizou != None, zizou
def test_get_user_summary_returns_fields(self):
"""Test CACHE USERS get_user_summary all the fields in the dict"""
UserFactory.create(name='user')
fields = ('id', 'name', 'fullname', 'created', 'api_key',
'twitter_user_id', 'google_user_id', 'facebook_user_id',
'info', 'email_addr', 'n_answers', 'rank', 'score', 'total')
user = cached_users.get_user_summary('user')
for field in fields:
assert field in user.keys(), field
class CrudTest(TestCase):
def setUp(self):
self.c = Client()
self.u = UserFactory(is_staff=True)
self.u.set_password("test")
self.u.save()
# need to make the user have at least one group
g = Group.objects.create(name=self.u.username)
g.user_set.add(self.u)
g.save()
self.c.login(username=self.u.username, password="******")
def test_category_crud(self):
r = self.c.get("/")
self.assertFalse("test category" in r.content)
r = self.c.post("/category/add/", {'name': 'test category'})
self.assertEqual(r.status_code, 302)
r = self.c.get("/")
self.assertTrue("test category" in r.content)
category = Category.objects.get(name="test category")
r = self.c.post("/category/%d/delete/" % category.id, dict())
self.assertEqual(r.status_code, 302)
r = self.c.get("/")
self.assertFalse("test category" in r.content)
def test_application_crud(self):
c = CategoryFactory()
r = self.c.get(c.get_absolute_url())
self.assertFalse("test application" in r.content)
r = self.c.post(c.get_absolute_url() + "add_application/",
{'name': 'test application'})
self.assertEqual(r.status_code, 302)
r = self.c.get(c.get_absolute_url())
self.assertTrue("test application" in r.content)
def test_deployment_crud(self):
a = ApplicationFactory()
r = self.c.get(a.get_absolute_url())
self.assertFalse("test deployment" in r.content)
r = self.c.post(a.get_absolute_url() + "add_deployment/",
{'name': 'test deployment'})
self.assertEqual(r.status_code, 302)
r = self.c.get(a.get_absolute_url())
self.assertTrue("test deployment" in r.content)
def test_setting_crud(self):
d = DeploymentFactory()
d.add_editor(self.u)
r = self.c.get(d.get_absolute_url())
self.assertFalse("test setting" in r.content)
r = self.c.post(d.get_absolute_url() + "add_setting/",
{'name': 'test setting', 'value': 'test value'})
self.assertEqual(r.status_code, 302)
r = self.c.get(d.get_absolute_url())
self.assertTrue("test setting" in r.content)
def test_task_rejected(self, mock_client):
"""Test Z3950 annotation not created when task rejected * n_answers."""
n_answers = 3
target = 'example.com'
anno_collection = 'annotations.example.com'
task = self.ctx.create_task(n_answers,
target,
anno_collection=anno_collection)
user = UserFactory()
reason = 'invalid-task'
TaskRunFactory.create_batch(n_answers,
user=user,
task=task,
info={'reject': reason})
result = self.result_repo.filter_by(project_id=task.project_id)[0]
fake_search = MagicMock()
fake_search.return_value = []
mock_client.search_annotations = fake_search
self.z3950_analyst.analyse(result.id)
assert not mock_client.create_annotation.called
assert_dict_equal(result.info, {
'annotations': anno_collection,
'rejected': reason
})
def setUp(self):
# Competition and creator
self.creator = UserFactory(username='******', password='******')
self.comp = CompetitionFactory(created_by=self.creator)
self.phase = PhaseFactory(competition=self.comp)
for _ in range(2):
self.phase.tasks.add(TaskFactory.create())
# Extra phase for testing tasks can't be run on the wrong phase
self.other_phase = PhaseFactory(competition=self.comp)
# URL and data for making submissions
self.submission_url = reverse('submission-list')
self.submission_data = {
'phase':
self.phase.id,
'data':
Data.objects.create(created_by=self.creator,
type=Data.SUBMISSION).key,
'tasks':
random.sample(
list(self.phase.tasks.all().values_list('id', flat=True)), 2)
}
self.sorted_tasks = sorted(self.submission_data['tasks'])
def test_push_notification(self, mock_queue, mock_onesignal):
"""Test push_notification with config works."""
user = UserFactory.create()
project = ProjectFactory.create(owner=user)
blog = dict(title="hello", body="world", project_id=project.id)
url = '/api/blogpost?api_key=%s' % user.api_key
res = self.app.post(url, data=json.dumps(blog))
blogdata = json.loads(res.data)
assert res.status_code == 200, res.data
contents = {"en": "New update!"}
headings = {"en": blog['title']}
launch_url = url_for('project.show_blogpost',
short_name=project.short_name,
id=blogdata['id'],
_external=True)
web_buttons = [{
"id": "read-more-button",
"text": "Read more",
"icon": "http://i.imgur.com/MIxJp1L.png",
"url": launch_url
}]
mock_queue.assert_called_with(push_notification,
project_id=project.id,
contents=contents,
headings=headings,
web_buttons=web_buttons,
launch_url=launch_url)
def test_annotation_collection_iri_added_to_result_info(self, mock_client):
"""Test IIIF result info updated with AnnotationCollection IRI."""
n_answers = 3
target = 'example.com'
anno_collection = 'annotations.example.com'
task = self.ctx.create_task(n_answers,
target,
anno_collection=anno_collection)
user = UserFactory()
TaskRunFactory.create_batch(n_answers,
user=user,
task=task,
info=[{
'motivation': 'commenting',
'body': {
'value': 'foo'
}
}])
result = self.result_repo.filter_by(project_id=task.project_id)[0]
fake_search = MagicMock()
fake_search.return_value = []
mock_client.search_annotations = fake_search
self.iiif_analyst.analyse(result.id)
assert_dict_equal(result.info, {'annotations': anno_collection})
def test_taskrun_query_list_project_ids(self):
"""Get a list of tasks runs using a list of project_ids."""
admin = UserFactory.create()
projects = ProjectFactory.create_batch(3)
task_runs = []
for project in projects:
tmp = TaskRunFactory.create_batch(2, project=project)
for t in tmp:
task_runs.append(t)
project_ids = [project.id for project in projects]
url = '/api/taskrun?project_id=%s&limit=100&all=1&api_key=%s' % (project_ids, admin.api_key)
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 3 * 2, len(data)
for task in data:
assert task['project_id'] in project_ids
task_run_project_ids = list(set([task['project_id'] for task in data]))
assert sorted(project_ids) == sorted(task_run_project_ids)
# more filters
res = self.app.get(url + '&orderby=created&desc=true')
data = json.loads(res.data)
assert data[0]['id'] == task_runs[-1].id
def setUpClass(self):
"""
Create user locations if does not exist already
"""
if not UserLocation.objects.all():
fnames, lnames = self.create_names_list()
# Iterate 50 times to create batch profiles of about 10000 users
for iteration in range(50):
fname = (random.choice(fnames)).lower()
lname = (random.choice(lnames)).lower()
sname = fname[0] + lname
users = UserFactory.create_batch(200,
first_name=fname,
last_name=lname,
short_name=sname)
for user in users:
# Create a batch of 200 userlocations corresponding
# to each user
new_lat, new_lng = self.calc_rand_loctn(
40.7033127, -73.979681, 5)
UserLocationFactory.create(lat=new_lat,
lng=new_lng,
user=user)
def test_05_app_stats_index(self):
'''Test PRIVACY project stats privacy is respected'''
# As Anonymou user
admin, user, owner = UserFactory.create_batch(3)
task = TaskFactory.create(n_answers=3)
TaskRunFactory.create_batch(3, task=task)
url = '/project/%s/stats' % task.project.short_name
update_stats(task.project.id)
res = self.app.get(url, follow_redirects=True)
assert 'This feature requires being logged in' in res.data, res.data
# As Authenticated user but NOT ADMIN
res = self.app.get(url + '?api_key=%s' % user.api_key,
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = 'Project Stats page should not be shown to authenticated users'
assert dom.find(id='enforce_privacy') is not None, err_msg
self.signout
# As Authenticated user but ADMIN
res = self.app.get(url + '?api_key=%s' % admin.api_key,
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = 'Project Stats page should be shown to admin users'
assert dom.find(id='enforce_privacy') is None, err_msg
self.signout()
def test_newtask_extends_expiration_by_timeout(self):
"""Test API project new_task extends expiration according to timeout"""
project = ProjectFactory.create(
info={
'timeout':
120 * 60,
'data_classification':
dict(input_data="L4 - public", output_data="L4 - public")
})
project.set_password('the_password')
project_repo.save(project)
TaskFactory.create_batch(2,
project=project,
info={'question': 'answer'})
user = UserFactory.create()
url = '/project/%s/password?api_key=%s' % (project.short_name,
user.api_key)
data = dict(password='******')
res = self.app.post(url, data=data)
c, v, e = get_pwd_cookie(project.short_name, res)
assert c
self.app.set_cookie('/', c, v)
now = datetime.utcnow()
url = '/api/project/%s/newtask?api_key=%s' % (project.id, user.api_key)
res = self.app.get(url)
assert res.status_code == 200, (res, res.data)
task = json.loads(res.data)
assert task['info'].get('question') == 'answer'
c, v, new_exp = get_pwd_cookie(project.short_name, res)
assert new_exp - now > timedelta(minutes=115)
assert new_exp - now < timedelta(minutes=125)
def test_export_tasks_bucket(self, create_conn, mail):
"""Test JOB export_tasks to bucket works."""
user = UserFactory.create(admin=True)
project = ProjectFactory.create(name='test_project',
info={'export-bucket': 'buck'})
task = TaskFactory.create(project=project)
task_run = TaskRunFactory.create(project=project, task=task)
conn = create_conn.return_value
buck = conn.get_bucket.return_value
key = buck.new_key.return_value
key.generate_url.return_value = 'https://s3.com/buck/key'
with patch.dict(self.flask_app.config, {
'EXPORT_MAX_SIZE': 0,
'EXPORT_BUCKET': 'export-bucket'
}):
export_tasks(user.email_addr, project.short_name, 'consensus',
False, 'csv')
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
assert not message.attachments
assert 'https://s3.com/buck/key' in message.html
def test_get_query_with_api_key_and_all(self):
""" Test API GET query with an API-KEY requesting all results"""
users = UserFactory.create_batch(3)
project = ProjectFactory.create(owner=users[0], info={'total': 150})
task = TaskFactory.create(project=project, info={'url': 'my url'})
taskrun = TaskRunFactory.create(task=task,
user=users[0],
info={'answer': 'annakarenina'})
for endpoint in self.endpoints:
url = '/api/' + endpoint + '?api_key=' + users[1].api_key + '&all=1'
res = self.app.get(url)
data = json.loads(res.data)
if endpoint == 'project':
assert len(data) == 1, data
project = data[0]
assert project['info']['total'] == 150, data
assert res.mimetype == 'application/json', res
if endpoint == 'task':
assert len(data) == 1, data
task = data[0]
assert task['info']['url'] == 'my url', data
assert res.mimetype == 'application/json', res
if endpoint == 'taskrun':
assert len(data) == 1, data
taskrun = data[0]
assert taskrun['info']['answer'] == 'annakarenina', data
assert res.mimetype == 'application/json', res
if endpoint == 'user':
assert len(data) == 3, data
user = data[0]
assert user['name'] == 'user1', data
assert res.mimetype == 'application/json', res
def test_project_update_attributes_non_owner(self):
"""Test Auditlog API project update attributes works for non owners."""
project = ProjectFactory.create()
user = UserFactory.create()
data = {
'name':
'New Name',
'short_name':
project.short_name,
'description':
'new_description',
'long_description':
'new_long_description',
'allow_anonymous_contributors':
False,
'data_classification':
dict(input_data="L4 - public", output_data="L4 - public")
}
url = '/api/project/%s?api_key=%s' % (project.id, user.api_key)
self.app.put(url, data=json.dumps(data))
logs = auditlog_repo.filter_by(project_id=project.id)
assert len(logs) == 0, logs
def test_04_global_stats_index(self):
'''Test PRIVACY global stats privacy is respected'''
admin, user, owner = UserFactory.create_batch(3)
# As Anonymou user
url = '/stats'
res = self.app.get(url, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = 'Stats page should not be shown to anonymous users'
assert dom.find(id='enforce_privacy') is not None, err_msg
# As Authenticated user but NOT ADMIN
self.signin()
res = self.app.get(url + '?api_key=%s' % user.api_key,
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = 'Stats page should not be shown to authenticated users'
assert dom.find(id='enforce_privacy') is not None, err_msg
self.signout
# As Authenticated user but ADMIN
res = self.app.get(url + '?api_key=%s' % admin.api_key,
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = 'Stats page should be shown to admin users'
assert dom.find(id='enforce_privacy') is None, err_msg
self.signout()
def test_task_query_without_params_with_context(self):
""" Test API Task query with context"""
user = UserFactory.create()
project_oc = ProjectFactory.create(owner=user)
project_two = ProjectFactory.create()
TaskFactory.create_batch(10,
project=project_oc,
info={'question': 'answer'})
TaskFactory.create_batch(10,
project=project_two,
info={'question': 'answer'})
res = self.app.get('/api/task?api_key=' + user.api_key)
tasks = json.loads(res.data)
assert len(tasks) == 10, tasks
for task in tasks:
assert task['project_id'] == project_oc.id, task
assert task['info']['question'] == 'answer', task
# The output should have a mime-type: application/json
assert res.mimetype == 'application/json', res
res = self.app.get('/api/task?api_key=' + user.api_key + "&all=1")
tasks = json.loads(res.data)
assert len(tasks) == 20, tasks
def test_leaderboard_foo_key_current_user_window(self):
"""Test JOB leaderboard returns users for foo key with current user and
window."""
UserFactory.create_batch(10, info=dict(n=0))
UserFactory.create_batch(10, info=dict(n=2))
users = []
for score in range(11, 22):
users.append(UserFactory.create(info=dict(n=score)))
myself = UserFactory.create(info=dict(n=1))
leaderboard(info='n')
top_users = get_leaderboard(user_id=myself.id, info='n', window=5)
assert len(top_users) == 20 + 5 + 1 + 5, len(top_users)
assert top_users[25]['name'] == myself.name
assert top_users[25]['score'] == myself.info.get('n')
assert top_users[24]['score'] >= myself.info.get('n')
assert top_users[26]['score'] <= myself.info.get('n')
def test_privacy_mode_user_get(self):
"""Test API user queries for privacy mode"""
admin = UserFactory.create()
user = UserFactory.create()
# Add user with fullname 'Public user', privacy mode disabled
user_with_privacy_disabled = UserFactory.create(email_addr='*****@*****.**',
name='publicUser', fullname='Public user',
privacy_mode=False)
# Add user with fullname 'Private user', privacy mode enabled
user_with_privacy_enabled = UserFactory.create(email_addr='*****@*****.**',
name='privateUser', fullname='Private user',
privacy_mode=True)
# With no API-KEY
# User with privacy disabled
res = self.app.get('/api/user/3')
data = json.loads(res.data)
user_with_privacy_disabled = data
# When checking a public field it should be returned
assert user_with_privacy_disabled['locale'] == 'en', data
# When checking a private field it should be returned too
assert user_with_privacy_disabled['fullname'] == 'Public user', data
# User with privacy enabled
res = self.app.get('/api/user/4')
data = json.loads(res.data)
user_with_privacy_enabled = data
# When checking a public field it should be returned
assert user_with_privacy_enabled['locale'] == 'en', data
# When checking a private field it should not be returned
assert 'fullname' not in user_with_privacy_enabled, data
# Users with privacy enabled and disabled, mixed together
res = self.app.get('/api/user')
data = json.loads(res.data)
user_with_privacy_disabled = data[2]
user_with_privacy_enabled = data[3]
assert user_with_privacy_disabled['locale'] == 'en', data
assert user_with_privacy_disabled['fullname'] == 'Public user', data
assert user_with_privacy_enabled['locale'] == 'en', data
assert 'fullname' not in user_with_privacy_enabled, data
# With a non-admin API-KEY
# User with privacy disabled
res = self.app.get('/api/user/3?api_key=' + user.api_key)
data = json.loads(res.data)
user_with_privacy_disabled = data
# When checking a public field it should be returned
assert user_with_privacy_disabled['locale'] == 'en', data
# When checking a private field it should be returned too
assert user_with_privacy_disabled['fullname'] == 'Public user', data
# User with privacy enabled
res = self.app.get('/api/user/4?api_key=' + user.api_key)
data = json.loads(res.data)
user_with_privacy_enabled = data
# When checking a public field it should be returned
assert user_with_privacy_enabled['locale'] == 'en', data
# When checking a private field it should not be returned
assert 'fullname' not in user_with_privacy_enabled, data
# Users with privacy enabled and disabled, mixed together
res = self.app.get('/api/user?api_key=' + user.api_key)
data = json.loads(res.data)
user_with_privacy_disabled = data[2]
user_with_privacy_enabled = data[3]
assert user_with_privacy_disabled['locale'] == 'en', data
assert user_with_privacy_disabled['fullname'] == 'Public user', data
assert user_with_privacy_enabled['locale'] == 'en', data
assert 'fullname' not in user_with_privacy_enabled, data
# Admin API-KEY should be able to retrieve every field in user
res = self.app.get('/api/user/3?api_key=' + admin.api_key)
data = json.loads(res.data)
user_with_privacy_disabled = data
# When checking a public field it should be returned
assert user_with_privacy_disabled['locale'] == 'en', data
# When checking a private field it should be returned too
assert user_with_privacy_disabled['fullname'] == 'Public user', data
# User with privacy enabled
res = self.app.get('/api/user/4?api_key=' + admin.api_key)
data = json.loads(res.data)
user_with_privacy_enabled = data
# When checking a public field it should be returned
assert user_with_privacy_enabled['locale'] == 'en', data
# When checking a private field it should be returned too
assert user_with_privacy_enabled['fullname'] == 'Private user', data
# Users with privacy enabled and disabled, mixed together
res = self.app.get('/api/user?api_key=' + admin.api_key)
data = json.loads(res.data)
user_with_privacy_disabled = data[2]
user_with_privacy_enabled = data[3]
assert user_with_privacy_disabled['locale'] == 'en', data
assert user_with_privacy_disabled['fullname'] == 'Public user', data
assert user_with_privacy_enabled['locale'] == 'en', data
assert user_with_privacy_enabled['fullname'] == 'Private user', data
def test_user_timeline():
"""Should only return posts from users I'm following"""
user1 = UserFactory()
user2 = UserFactory()
user3 = UserFactory()
user4 = UserFactory()
user2_post1 = TextPostFactory()
user2_post2 = TextPostFactory()
user3_post1 = PicturePostFactory()
user4_post1 = TextPostFactory()
user2.add_post(user2_post1)
user2.add_post(user2_post2)
user3.add_post(user3_post1)
user4.add_post(user4_post1)
# user1 follows user2 and user3
user1.follow(user2)
user1.follow(user3)
# 2 posts from user2 and 1 from user3
# post from user4 is excluded
assert len(user1.get_timeline()) == 3
assert user4_post1 not in user1.get_timeline()
# should be sorted by creation timestamp
assert user1.get_timeline() == [user2_post1, user2_post2, user3_post1]
def test_admin_cannot_publish_if_project_has_no_tasks(self):
"""Test admins cannot publish a project that has no tasks"""
owner = UserFactory.build_batch(2)[1]
project = ProjectFactory.create(owner=owner, published=False)
assert_raises(Forbidden, ensure_authorized_to, 'publish', project)
def test_locked_sched_gold_task(self, mock_random):
""" Test gold tasks presented with locked scheduler """
[admin, owner, user] = UserFactory.create_batch(3)
make_admin(admin)
make_subadmin(owner)
project = ProjectFactory.create(owner=owner)
project.info['sched'] = Schedulers.locked
project_repo.save(project)
tasks = TaskFactory.create_batch(4, project=project, n_answers=1)
gold_task = tasks[3]
gold_task.calibration = 1
gold_task.gold_answers = dict(field_3='someans')
# gold task to be presented to the user when available with randomness
# set to a value (to zero) that means gold task to be presented
mock_random.return_value = 0
# user #1
self.set_proj_passwd_cookie(project, user)
res = self.app.get('api/project/{}/newtask?api_key={}'.format(
project.id, user.api_key))
assert res.status_code == 200, res.status_code
resp = json.loads(res.data)
assert resp['id'] == gold_task.id, \
'task presented to regular user under locked sched should be gold task'
# submit answer for gold task
task_run = dict(project_id=project.id,
task_id=gold_task.id,
info='hi there!')
res = self.app.post('api/taskrun?api_key={}'.format(user.api_key),
data=json.dumps(task_run))
assert res.status_code == 200, res.status_code
# user #2 also gets gold_task even when redundancy was set to 1
res = self.app.get('api/project/{}/newtask?api_key={}'.format(
project.id, owner.api_key))
assert res.status_code == 200, res.status_code
resp = json.loads(res.data)
assert resp['id'] == gold_task.id, \
'task presented to owner under locked sched should be gold task'
# after two task run submissions for gold task, state is unchanged to ongoing
task_run = dict(project_id=project.id,
task_id=gold_task.id,
info='hi there!')
res = self.app.post('api/taskrun?api_key={}'.format(owner.api_key),
data=json.dumps(task_run))
assert res.status_code == 200, res.status_code
res = self.app.get('api/task/{}?api_key={}'.format(
gold_task.id, admin.api_key))
assert res.status_code == 200, res.status_code
resp = json.loads(res.data)
assert resp['id'] == gold_task.id and resp['state'] == 'ongoing', \
'gold task state should be unchanged to ongoing'
# user #3 don't receive gold_task when randomness is not zero
mock_random.return_value = 1
res = self.app.get('api/project/{}/newtask?api_key={}'.format(
project.id, admin.api_key))
assert res.status_code == 200, res.status_code
resp = json.loads(res.data)
assert resp['id'] == tasks[0].id, \
'task presented should not be gold task'
class TestIPTTTimePeriodsReportResponseBase(test.TestCase):
timeperiods = Indicator.ANNUAL
def setUp(self):
self.user = UserFactory(first_name="FN",
last_name="LN",
username="******",
is_superuser=True)
self.user.set_password('password')
self.user.save()
self.tola_user = TolaUserFactory(user=self.user)
self.tola_user.save()
self.client = test.Client(enforce_csrf_checks=False)
self.client.login(username='******', password='******')
self.response = None
startdate = datetime.strptime('2017-02-04', '%Y-%m-%d')
enddate = datetime.strptime('2019-10-01', '%Y-%m-%d')
self.program = ProgramFactory(reporting_period_start=startdate,
reporting_period_end=enddate)
self.request_params = {
'csrfmiddlewaretoken': 'asdf',
'program': self.program.id
}
def tearDown(self):
Indicator.objects.all().delete()
self.response = None
def set_dates(self, start, end):
self.program.reporting_period_start = datetime.strptime(
start, '%Y-%m-%d')
self.program.reporting_period_end = datetime.strptime(end, '%Y-%m-%d')
self.program.save()
def get_indicator_for_program(self, **kwargs):
make_kwargs = {'program': self.program}
make_kwargs.update(kwargs)
indicator = IndicatorFactory(**make_kwargs)
return indicator
def add_indicator(self, frequency=Indicator.ANNUAL, **kwargs):
kwargs['target_frequency'] = frequency
return self.get_indicator_for_program(**kwargs)
def add_indicator_with_data(self, frequency, values):
indicator = self.add_indicator(frequency=frequency)
collect_date = self.program.reporting_period_start + timedelta(days=1)
for value in values:
_ = ResultFactory(indicator=indicator,
date_collected=collect_date,
achieved=value)
if frequency == Indicator.ANNUAL:
collect_date = datetime(collect_date.year + 1,
collect_date.month, collect_date.day)
elif frequency == Indicator.SEMI_ANNUAL:
collect_date = datetime(
collect_date.year if collect_date.month < 7 else
collect_date.year + 1, collect_date.month +
6 if collect_date.month < 7 else collect_date.month - 6,
collect_date.day)
elif frequency == Indicator.TRI_ANNUAL:
collect_date = datetime(
collect_date.year if collect_date.month < 9 else
collect_date.year + 1, collect_date.month +
4 if collect_date.month < 9 else collect_date.month - 8,
collect_date.day)
elif frequency == Indicator.QUARTERLY:
collect_date = datetime(
collect_date.year if collect_date.month < 10 else
collect_date.year + 1, collect_date.month +
3 if collect_date.month < 10 else collect_date.month - 9,
collect_date.day)
elif frequency == Indicator.MONTHLY:
collect_date = datetime(
collect_date.year if collect_date.month < 12 else
collect_date.year + 1, collect_date.month +
1 if collect_date.month < 12 else collect_date.month - 11,
collect_date.day)
def get_showall_response(self):
self.request_params['timeframe'] = 1
self.request_params['numrecentperiods'] = None
return self.get_response()
def get_recent_periods(self, numrecent):
self.request_params['timeframe'] = 2
self.request_params['numrecentperiods'] = numrecent
return self.get_response()
def get_date_range_periods(self, start, end):
self.request_params['start_period'] = start.strftime(
'%Y-%m-%d') if isinstance(start, datetime) else start
self.request_params['end_period'] = end.strftime(
'%Y-%m-%d') if isinstance(end, datetime) else end
return self.get_response()
def get_response(self, reporttype=IPTT_Mixin.REPORT_TYPE_TIMEPERIODS):
self.request_params['timeperiods'] = self.timeperiods
response = self.client.post(
'/indicators/iptt_report/{program}/{reporttype}/'.format(
program=self.program.id, reporttype=reporttype),
self.request_params,
follow=True)
self.assertEqual(
response.status_code, 200,
"response gave status code {0} instead of 200".format(
response.status_code))
self.response = IPTTResponse(response.content, timeperiods=True)
return self.response
def get_indicator_results(self, response, indicator_row=0):
indicator = response.indicators[indicator_row]['ranges']
return indicator[0], indicator[1:]
def format_assert_message(self, msg):
return "{0}:\n{1} timeperiods, {2}".format(self.response, {
k: v
for k, v in Indicator.TARGET_FREQUENCIES
}[self.timeperiods], msg)
def number_of_ranges_test(self, start, end, expected_ranges):
self.set_dates(start, end)
self.add_indicator()
response = self.get_showall_response()
ranges = response.indicators[0]['ranges'][1:]
self.assertEqual(
len(ranges), expected_ranges,
self.format_assert_message(
"expected {0} ranges for {1} to {2}, got {3}".format(
expected_ranges, start, end, len(ranges))))
def test_n_auth_users_returns_number_of_registered_users(self):
UserFactory.create_batch(2)
users = stats.n_auth_users()
assert users == 2, users
class QueuesAPITestCase(TestCase):
def setUp(self):
self.user = UserFactory(username='******')
self.admin = UserFactory(username='******', super_user=True)
self.norm = UserFactory(username='******')
self.collab = UserFactory(username='******')
self.created_queue = self.mock_create_queue(owner=self.user, name='TestUserQueue')
self.created_queue.organizers.add(self.collab)
def _get_test_update_data(self, return_id=True):
data = {
'name': 'A BRAND NEW NAME',
'owner': self.user.id,
'is_public': False,
}
if return_id:
data['id'] = self.created_queue.id
return data
def mock_create_queue(self, **kwargs):
# Prevent queue creation
with mock.patch('queues.models.rabbit.create_queue') as rabbit_create_queue:
rabbit_create_queue.return_value = uuid.uuid4()
return QueueFactory(**kwargs)
def queue_api_request_with_mock(self, http_method, url_name, url_kwargs=None, data=None):
# So we can make API requests without triggering rabbitmq actual queue creation
with mock.patch('queues.models.rabbit.create_queue') as rabbit_create_queue:
url_kwargs = url_kwargs if url_kwargs is not None else {}
data = data if data is not None else {}
rabbit_create_queue.return_value = uuid.uuid4()
response = getattr(self.client, http_method.lower())(
reverse(url_name, kwargs=url_kwargs),
data=data,
content_type='application/json'
)
return response, rabbit_create_queue.called
def test_create_queue_through_api(self):
self.client.login(username='******', password='******')
assert Queue.objects.count() == 1
data = {
'name': 'A brand new queue',
'owner': self.user.id,
'is_public': False,
}
response, rabbit_create_queue_called = self.queue_api_request_with_mock('post', 'queues-list', {}, data)
assert rabbit_create_queue_called
assert Queue.objects.count() == 2
assert response.status_code == 201
# --------- Permission tests ---------
def test_organizer_can_perform_all_operations(self):
self.client.login(username='******', password='******')
assert Queue.objects.get(pk=self.created_queue.id).name == 'TestUserQueue'
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'put',
'queues-detail',
{'pk': self.created_queue.id},
self._get_test_update_data()
)
assert not rabbit_create_queue_called
assert response.status_code == 200
assert Queue.objects.get(pk=self.created_queue.id).name == 'A BRAND NEW NAME'
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'delete',
'queues-detail',
{'pk': self.created_queue.id},
)
assert response.status_code == 204
assert not Queue.objects.filter(pk=self.created_queue.id).exists()
def test_other_user_cannot_delete_or_edit_queue(self):
self.client.login(username='******', password='******')
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'put',
'queues-detail',
{'pk': self.created_queue.id},
self._get_test_update_data()
)
assert not rabbit_create_queue_called
assert response.status_code == 404
assert Queue.objects.get(pk=self.created_queue.id).name != 'A BRAND NEW NAME'
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'delete',
'queues-detail',
{'pk': self.created_queue.id},
)
assert response.status_code == 404
assert Queue.objects.filter(pk=self.created_queue.id).exists()
def test_collab_cannot_delete_or_edit_queue(self):
self.client.login(username='******', password='******')
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'put',
'queues-detail',
{'pk': self.created_queue.id},
self._get_test_update_data()
)
assert not rabbit_create_queue_called
assert response.status_code == 403
assert Queue.objects.get(pk=self.created_queue.id).name != 'A BRAND NEW NAME'
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'delete',
'queues-detail',
{'pk': self.created_queue.id},
)
assert response.status_code == 403
assert Queue.objects.filter(pk=self.created_queue.id).exists()
# --------- Queue Limit Tests ---------
# Test user queue limits
def test_queue_limits_for_regular_users(self):
self.client.login(username='******', password='******')
self.user.rabbitmq_queue_limit = 2
self.user.save()
# Ensure we can still create a queue to reaach our limit
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'post',
'queues-list',
data=self._get_test_update_data(return_id=False)
)
assert rabbit_create_queue_called
assert response.status_code == 201
assert self.user.rabbitmq_queue_limit == self.user.queues.count()
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'post',
'queues-list',
data=self._get_test_update_data(return_id=False)
)
assert not rabbit_create_queue_called
assert response.status_code == 403
assert self.user.rabbitmq_queue_limit == self.user.queues.count()
# Test super user queue limits
def test_super_users_has_no_queue_limit(self):
# Set user rabbit queue limit
self.admin.rabbitmq_queue_limit = 1
self.admin.save()
# Reach our limit
self.mock_create_queue(owner=self.admin)
assert self.admin.queues.count() == self.admin.rabbitmq_queue_limit
self.client.login(username='******', password='******')
response, rabbit_create_queue_called = self.queue_api_request_with_mock(
'post',
'queues-list',
data=self._get_test_update_data(return_id=False)
)
assert rabbit_create_queue_called
assert response.status_code == 201
# --------- Filter Test ---------
def test_public_filter_does_not_exclude_own_users_public_queues_and_search_works(self):
# Create a public queue we want to show in our results by search/public=True
self.mock_create_queue(owner=self.norm, name='TestPublicQueue', is_public=True)
# Create another queue we do not want to show up that is not public, and should not return in results
self.mock_create_queue(owner=self.norm)
# Create yet another queue that IS public, that we want filtered out by search
self.mock_create_queue(owner=self.norm, is_public=True)
self.client.login(username='******', password='******')
response = self.client.get(f"{reverse('queues-list')}?search=test&public=True")
assert response.status_code == 200
assert len(response.data['results']) == 2
assert response.data['results'][0]['name'] == 'TestPublicQueue'
assert response.data['results'][0]['is_public']
assert response.data['results'][1]['name'] == 'TestUserQueue'
assert not response.data['results'][1]['is_public']
def test_task_query_with_params_with_context(self):
"""Test API query for task with params works with context"""
user = UserFactory.create()
user_two = UserFactory.create()
project_oc = ProjectFactory.create(owner=user)
project_two = ProjectFactory.create()
tasks = TaskFactory.create_batch(10, project=project_oc)
TaskFactory.create_batch(10, project=project_two)
# Test for real field
res = self.app.get("/api/task?project_id=" + str(project_oc.id) +
"&api_key=" + user.api_key)
data = json.loads(res.data)
# Should return then results
assert len(data) == 10, data
# Correct result
for t in data:
assert t['project_id'] == project_oc.id, t
res = self.app.get("/api/task?api_key=" + user.api_key + "&all=1")
data = json.loads(res.data)
# Should return one result
assert len(data) == 20, data
# Valid field but wrong value
res = self.app.get("/api/task?project_id=99999999&api_key=" +
user.api_key)
data = json.loads(res.data)
assert len(data) == 0, data
# Multiple fields
res = self.app.get('/api/task?project_id=1&state=ongoing&api_key=' +
user.api_key)
data = json.loads(res.data)
# One result
assert len(data) == 10, data
# Correct result
for t in data:
assert t['project_id'] == project_oc.id, data
assert t['state'] == u'ongoing', data
# Limits
res = self.app.get("/api/task?project_id=1&limit=5&api_key=" +
user.api_key)
data = json.loads(res.data)
assert len(data) == 5, data
for item in data:
assert item['project_id'] == project_oc.id, item
# Keyset pagination
url = "/api/task?project_id=1&limit=5&last_id=%s&api_key=%s" % (
tasks[4].id, user.api_key)
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 5, data
assert data[0]['id'] == tasks[5].id, data
for item in data:
assert item['project_id'] == project_oc.id, item
# Test for real field with user_two
res = self.app.get("/api/task?project_id=" + str(project_oc.id) +
"&api_key=" + user_two.api_key)
data = json.loads(res.data)
# Should return then results
assert len(data) == 0, data
# Test for real field with user_two
res = self.app.get("/api/task?all=1&project_id=" + str(project_oc.id) +
"&api_key=" + user_two.api_key)
data = json.loads(res.data)
# Should return then results
assert len(data) == 10, data
# Correct result
for t in data:
assert t['project_id'] == project_oc.id, t
res = self.app.get("/api/task?api_key=" + user_two.api_key + "&all=1")
data = json.loads(res.data)
# Should return one result
assert len(data) == 20, data
# Valid field but wrong value
res = self.app.get("/api/task?project_id=99999999&api_key=" +
user_two.api_key)
data = json.loads(res.data)
assert len(data) == 0, data
# Multiple fields
res = self.app.get('/api/task?project_id=1&state=ongoing&api_key=' +
user_two.api_key)
data = json.loads(res.data)
# One result
assert len(data) == 0, data
res = self.app.get(
'/api/task?all=1&project_id=1&state=ongoing&api_key=' +
user_two.api_key)
data = json.loads(res.data)
# One result
assert len(data) == 10, data
# Correct result
for t in data:
assert t['project_id'] == project_oc.id, data
assert t['state'] == u'ongoing', data
# Limits
res = self.app.get("/api/task?project_id=1&limit=5&api_key=" +
user_two.api_key)
data = json.loads(res.data)
assert len(data) == 0, data
res = self.app.get("/api/task?all=1&project_id=1&limit=5&api_key=" +
user_two.api_key)
data = json.loads(res.data)
assert len(data) == 5, data
for item in data:
assert item['project_id'] == project_oc.id, item
# Keyset pagination
url = "/api/task?project_id=1&limit=5&last_id=%s&api_key=%s" % (
tasks[4].id, user_two.api_key)
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 0, data
url = "/api/task?all=1&project_id=1&limit=5&last_id=%s&api_key=%s" % (
tasks[4].id, user_two.api_key)
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 5, data
assert data[0]['id'] == tasks[5].id, data
for item in data:
assert item['project_id'] == project_oc.id, item
def test__str__():
new_user = UserFactory()
assert new_user.__str__() == new_user.email
def test_task_update(self):
"""Test API task update"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
project = ProjectFactory.create(owner=user)
task = TaskFactory.create(project=project)
root_task = TaskFactory.create(project=project)
data = {'n_answers': 1}
datajson = json.dumps(data)
root_data = {'n_answers': 4}
root_datajson = json.dumps(root_data)
# anonymous
res = self.app.put('/api/task/%s' % task.id, data=data)
assert_equal(res.status, '401 UNAUTHORIZED', res.status)
# real user but not allowed as not owner!
url = '/api/task/%s?api_key=%s' % (task.id, non_owner.api_key)
res = self.app.put(url, data=datajson)
assert_equal(res.status, '403 FORBIDDEN', res.status)
# real user
url = '/api/task/%s?api_key=%s' % (task.id, user.api_key)
res = self.app.put(url, data=datajson)
out = json.loads(res.data)
assert_equal(res.status, '200 OK', res.data)
assert_equal(task.n_answers, data['n_answers'])
assert_equal(task.state, 'ongoing')
assert task.id == out['id'], out
# root
res = self.app.put('/api/task/%s?api_key=%s' %
(root_task.id, admin.api_key),
data=root_datajson)
assert_equal(res.status, '200 OK', res.data)
assert_equal(root_task.n_answers, root_data['n_answers'])
assert_equal(task.state, 'ongoing')
# PUT with not JSON data
res = self.app.put(url, data=data)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'ValueError', err
# PUT with not allowed args
res = self.app.put(url + "&foo=bar", data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'AttributeError', err
# PUT with fake data
data['wrongfield'] = 13
res = self.app.put(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'PUT', err
assert err['exception_cls'] == 'TypeError', err
def test_task_query_participated(self):
"""Test API Task query with participated arg."""
admin, owner, user = UserFactory.create_batch(3)
project = ProjectFactory.create(owner=owner)
tasks1 = TaskFactory.create_batch(10,
project=project,
info=dict(foo='fox'))
tasks2 = TaskFactory.create_batch(10,
project=project,
info=dict(foo='dog'))
tasks = tasks1 + tasks2
TaskRunFactory.create(task=tasks[0], user=user)
TaskRunFactory.create(task=tasks[1], user=user)
TaskRunFactory.create(task=tasks[2], user=user)
url = '/api/task?api_key=%s&participated=1&all=1' % user.api_key
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 17, len(data)
participated_tasks = [tasks[0].id, tasks[1].id, tasks[2].id]
for task in data:
assert task['id'] not in participated_tasks, task['id']
# limit & offset
url = '/api/task?api_key=%s&participated=1&all=1&limit=10&offset=10' % user.api_key
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 7, len(data)
participated_tasks = [tasks[0].id, tasks[1].id, tasks[2].id]
for task in data:
assert task['id'] not in participated_tasks, task['id']
# last_id
url = '/api/task?api_key=%s&participated=1&all=1&last_id=%s' % (
user.api_key, tasks[0].id)
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 17, len(data)
participated_tasks = [tasks[0].id, tasks[1].id, tasks[2].id]
for task in data:
assert task['id'] not in participated_tasks, task['id']
# orderby & desc
url = '/api/task?api_key=%s&participated=1&all=1&orderby=created&desc=1' % user.api_key
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 17, len(data)
participated_tasks = [tasks[0].id, tasks[1].id, tasks[2].id]
assert data[0]['id'] == tasks[-1].id
for task in data:
assert task['id'] not in participated_tasks, task['id']
# info & fulltextsearch
url = '/api/task?api_key=%s&participated=1&all=1&orderby=created&desc=1&info=foo::fox&fulltextsearch=1' % user.api_key
res = self.app.get(url)
data = json.loads(res.data)
assert len(data) == 7, len(data)
participated_tasks = [tasks[0].id, tasks[1].id, tasks[2].id]
assert data[0]['id'] == tasks1[-1].id
for task in data:
assert task['id'] not in participated_tasks, task['id']
def test_export_tasks_csv_json(self, mail):
"""Test JOB export_tasks task csv works."""
user = UserFactory.create(admin=True)
project = ProjectFactory.create(name='test_project')
task = TaskFactory.create(project=project)
task_run = TaskRunFactory.create(project=project, task=task)
export_tasks(user.email_addr, project.short_name, 'task', False, 'csv')
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
attachment = message.attachments[0]
proj_name = unidecode(project.short_name)
filename = '{}_{}'.format(project.id, proj_name)
assert attachment.filename == '{}_task_csv.zip'.format(filename)
export_tasks(user.email_addr, project.short_name, 'task', False,
'json')
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
attachment = message.attachments[0]
assert attachment.filename == '{}_task_json.zip'.format(filename)
export_tasks(user.email_addr, project.short_name, 'task_run', False,
'csv')
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
attachment = message.attachments[0]
assert attachment.filename == '{}_task_run_csv.zip'.format(filename)
export_tasks(user.email_addr, project.short_name, 'task_run', False,
'json')
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
attachment = message.attachments[0]
assert attachment.filename == '{}_task_run_json.zip'.format(filename)
filters = dict(task_id=1,
hide_completed=True,
pcomplete_from='2018-01-01T00:00:00.0001',
pcomplete_to='2018-12-12T00:00:00.0001',
priority_from=0.0,
priority_to=0.5,
created_from='2018-01-01T00:00:00.0001',
created_to='2018-12-12T00:00:00.0001')
filters = {
'display_info_columns': [],
'pcomplete_from': 0.0,
'pcomplete_to': 0.45
}
export_tasks(user.email_addr, project.short_name, 'task', False, 'csv',
filters)
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
export_tasks(user.email_addr, project.short_name, 'task', False,
'json', filters)
args, kwargs = mail.send.call_args
message = args[0]
assert message.recipients[0] == user.email_addr, message.recipients
assert message.subject == 'Data exported for your project: test_project', message.subject
def test_task_post(self):
"""Test API Task creation"""
admin = UserFactory.create()
user = UserFactory.create()
non_owner = UserFactory.create()
project = ProjectFactory.create(owner=user)
data = dict(project_id=project.id, info='my task data')
root_data = dict(project_id=project.id, info='my root task data')
# anonymous user
# no api-key
res = self.app.post('/api/task', data=json.dumps(data))
error_msg = 'Should not be allowed to create'
assert_equal(res.status, '401 UNAUTHORIZED', error_msg)
# real user but not allowed as not owner!
res = self.app.post('/api/task?api_key=' + non_owner.api_key,
data=json.dumps(data))
error_msg = 'Should not be able to post tasks for projects of others'
assert_equal(res.status, '403 FORBIDDEN', error_msg)
# now a real user
res = self.app.post('/api/task?api_key=' + user.api_key,
data=json.dumps(data))
assert res.data, res
datajson = json.loads(res.data)
out = task_repo.get_task(datajson['id'])
assert out, out
assert_equal(out.info, 'my task data'), out
assert_equal(out.project_id, project.id)
# now the root user
res = self.app.post('/api/task?api_key=' + admin.api_key,
data=json.dumps(root_data))
assert res.data, res
datajson = json.loads(res.data)
out = task_repo.get_task(datajson['id'])
assert out, out
assert_equal(out.info, 'my root task data'), out
assert_equal(out.project_id, project.id)
# POST with not JSON data
url = '/api/task?api_key=%s' % user.api_key
res = self.app.post(url, data=data)
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'ValueError', err
# POST with not allowed args
res = self.app.post(url + '&foo=bar', data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'AttributeError', err
# POST with fake data
data['wrongfield'] = 13
res = self.app.post(url, data=json.dumps(data))
err = json.loads(res.data)
assert res.status_code == 415, err
assert err['status'] == 'failed', err
assert err['target'] == 'task', err
assert err['action'] == 'POST', err
assert err['exception_cls'] == 'TypeError', err
def setUp(self):
self.user = UserFactory(username='******')
self.competition = CompetitionFactory(created_by=self.user, id=1)
self.phase = PhaseFactory(competition=self.competition)
self.leaderboard = LeaderboardFactory(competition=self.competition)
def test_00_link_object(self, auth):
"""Test HATEOAS object link is created"""
user = UserFactory.create(admin=True)
auth.return_value = True
# For project
res = self.app.get('/api/project/1?api_key=' + user.api_key, follow_redirects=True)
output = json.loads(res.data)
err_msg = "There should be a Link with the object URI"
assert output['link'] is not None, err_msg
err_msg = "There should be a Links list with the category URI"
assert output['links'] is not None, err_msg
assert len(output['links']) == 1, err_msg
project_link = self.hateoas.link(rel='category', title='category',
href='http://{}/api/category/1'.format(self.flask_app.config['SERVER_NAME']))
assert project_link == output['links'][0], (project_link, output['links'][0], err_msg)
project_link = self.hateoas.link(rel='self', title='project',
href='http://{}/api/project/1'.format(self.flask_app.config['SERVER_NAME']))
err_msg = "The object link is wrong: %s" % output['link']
assert project_link == output['link'], err_msg
# For task
res = self.app.get('/api/task/1?api_key=' + user.api_key, follow_redirects=True)
output = json.loads(res.data)
err_msg = "There should be a Link with the object URI"
assert output['link'] is not None, err_msg
task_link = self.hateoas.link(rel='self', title='task',
href='http://{}/api/task/1'.format(self.flask_app.config['SERVER_NAME']))
err_msg = "The object link is wrong: %s" % output['link']
assert task_link == output['link'], err_msg
err_msg = "There should be one parent link: project"
assert output.get('links') is not None, err_msg
assert len(output.get('links')) == 1, err_msg
err_msg = "The parent link is wrong"
project_link = self.hateoas.link(rel='parent', title='project',
href='http://{}/api/project/1'.format(self.flask_app.config['SERVER_NAME']))
assert output.get('links')[0] == project_link, err_msg
# For taskrun
res = self.app.get('/api/taskrun/1?api_key=' + user.api_key, follow_redirects=True)
output = json.loads(res.data)
err_msg = "There should be a Link with the object URI"
assert output['link'] is not None, err_msg
task_link = self.hateoas.link(rel='self', title='taskrun',
href='http://{}/api/taskrun/1'.format(self.flask_app.config['SERVER_NAME']))
err_msg = "The object link is wrong: %s" % output['link']
assert task_link == output['link'], err_msg
err_msg = "There should be two parent links: project and task"
assert output.get('links') is not None, err_msg
assert len(output.get('links')) == 2, err_msg
err_msg = "The parent project link is wrong"
project_link = self.hateoas.link(rel='parent', title='project',
href='http://{}/api/project/1'.format(self.flask_app.config['SERVER_NAME']))
assert output.get('links')[0] == project_link, err_msg
err_msg = "The parent task link is wrong"
project_link = self.hateoas.link(rel='parent', title='task',
href='http://{}/api/task/1'.format(self.flask_app.config['SERVER_NAME']))
assert output.get('links')[1] == project_link, err_msg
res = self.app.post("/api/taskrun")
# For category
res = self.app.get("/api/category/1", follow_redirects=True)
output = json.loads(res.data)
err_msg = "There should be a Link with the object URI"
assert output['link'] is not None, err_msg
category_link = self.hateoas.link(rel='self', title='category',
href='http://{}/api/category/1'.format(self.flask_app.config['SERVER_NAME']))
err_msg = "The object link is wrong: %s" % output['link']
assert category_link == output['link'], err_msg
err_msg = "There should be no other links"
assert output.get('links') is None, err_msg
err_msg = "The object links should are wrong"
def test_get_absolute_url():
new_user = UserFactory()
assert new_user.get_absolute_url() == f'/api/accounts/{new_user.id}/'
