def test_link(self, group_service, links_service): ann = Mock() res = AnnotationResource(ann, group_service, links_service) result = res.link('json') links_service.get.assert_called_once_with(ann, 'json') assert result == links_service.get.return_value
def test_acl_private(self, factories, group_service, links_service): ann = factories.Annotation(shared=False, userid='saoirse') res = AnnotationResource(ann, group_service, links_service) actual = res.__acl__() expect = [(security.Allow, 'saoirse', 'read'), (security.Allow, 'saoirse', 'admin'), (security.Allow, 'saoirse', 'update'), (security.Allow, 'saoirse', 'delete'), security.DENY_ALL] assert actual == expect
def test_bodies_appends_tag_bodies(self, group_service, fake_links_service): annotation = mock.Mock(text='Flib flob flab', tags=['giraffe', 'lion']) resource = AnnotationResource(annotation, group_service, fake_links_service) bodies = AnnotationJSONLDPresenter(resource).bodies assert { 'type': 'TextualBody', 'value': 'giraffe', 'purpose': 'tagging', } in bodies assert { 'type': 'TextualBody', 'value': 'lion', 'purpose': 'tagging', } in bodies
def test_immutable_formatters(self, group_service, fake_links_service): """Double-check we can't mutate the formatters list after the fact. This is an extra check just to make sure we can't accidentally change the constructor so that it simply aliases the list that's passed in, leaving us open to all kinds of mutability horrors. """ ann = mock.Mock(id='the-real-id', extra={}) resource = AnnotationResource(ann, group_service, fake_links_service) formatters = [FakeFormatter({'flagged': 'nope'})] presenter = AnnotationJSONPresenter(resource, formatters) formatters.append(FakeFormatter({'enterprise': 'synergy'})) presented = presenter.asdict() assert 'enterprise' not in presented
def update(context, request): """Update the specified annotation with data from the PATCH payload.""" if request.method == 'PUT' and hasattr(request, 'stats'): request.stats.incr('api.deprecated.put_update_annotation') schema = UpdateAnnotationSchema(request, context.annotation.target_uri, context.annotation.groupid) appstruct = schema.validate(_json_payload(request)) annotation = storage.update_annotation(request.db, context.annotation.id, appstruct) _publish_annotation_event(request, annotation, 'update') links_service = request.find_service(name='links') group_service = request.find_service(IGroupService) resource = AnnotationResource(annotation, group_service, links_service) presenter = AnnotationJSONPresenter(resource) return presenter.asdict()
def test_permissions(self, annotation, group_readable, action, expected, group_service, fake_links_service): annotation.deleted = False group_principals = { 'members': (security.Allow, 'group:{}'.format(annotation.groupid), 'read'), 'world': (security.Allow, security.Everyone, 'read'), None: security.DENY_ALL, } group = mock.Mock(spec_set=['__acl__']) group.__acl__.return_value = [group_principals[group_readable]] group_service.find.return_value = group resource = AnnotationResource(annotation, group_service, fake_links_service) presenter = AnnotationJSONPresenter(resource) assert expected == presenter.permissions[action]
def test_asdict(self, document_asdict, group_service, fake_links_service): ann = mock.Mock(id='the-id', created=datetime.datetime(2016, 2, 24, 18, 3, 25, 768), updated=datetime.datetime(2016, 2, 29, 10, 24, 5, 564), userid='acct:luke', target_uri='http://example.com', text='It is magical!', tags=['magic'], groupid='__world__', shared=True, target_selectors=[{'TestSelector': 'foobar'}], references=['referenced-id-1', 'referenced-id-2'], extra={'extra-1': 'foo', 'extra-2': 'bar'}) resource = AnnotationResource(ann, group_service, fake_links_service) document_asdict.return_value = {'foo': 'bar'} expected = {'id': 'the-id', 'created': '2016-02-24T18:03:25.000768+00:00', 'updated': '2016-02-29T10:24:05.000564+00:00', 'user': '******', 'uri': 'http://example.com', 'text': 'It is magical!', 'tags': ['magic'], 'group': '__world__', 'permissions': {'read': ['group:__world__'], 'admin': ['acct:luke'], 'update': ['acct:luke'], 'delete': ['acct:luke']}, 'target': [{'source': 'http://example.com', 'selector': [{'TestSelector': 'foobar'}]}], 'document': {'foo': 'bar'}, 'links': {'giraffe': 'http://giraffe.com', 'toad': 'http://toad.net'}, 'references': ['referenced-id-1', 'referenced-id-2'], 'extra-1': 'foo', 'extra-2': 'bar'} result = AnnotationJSONPresenter(resource).asdict() assert result == expected
def test_rewrites_rangeselectors_different_element(self, group_service, fake_links_service): """ A RangeSelector that starts and ends in the different elements should be rewritten to a RangeSelector bounded by two XPathSelectors, each of which is refinedBy a "point"-like TextPositionSelector. """ annotation = mock.Mock(target_uri='http://example.com') annotation.target_selectors = [ { 'type': 'RangeSelector', 'startContainer': '/div[1]/main[1]/article[1]/div[2]/h1[1]', 'startOffset': 4, 'endContainer': '/div[1]/main[1]/article[1]/div[2]/p[339]', 'endOffset': 72, } ] resource = AnnotationResource(annotation, group_service, fake_links_service) selectors = AnnotationJSONLDPresenter(resource).target[0]['selector'] assert selectors == [{ 'type': 'RangeSelector', 'startSelector': { 'type': 'XPathSelector', 'value': '/div[1]/main[1]/article[1]/div[2]/h1[1]', 'refinedBy': { 'type': 'TextPositionSelector', 'start': 4, 'end': 4, } }, 'endSelector': { 'type': 'XPathSelector', 'value': '/div[1]/main[1]/article[1]/div[2]/p[339]', 'refinedBy': { 'type': 'TextPositionSelector', 'start': 72, 'end': 72, } }, }]
def test_acl_shared(self, factories, pyramid_config, pyramid_request, groupid, userid, permitted, group_service, links_service): """ Shared annotation resources should delegate their 'read' permission to their containing group. """ # Set up the test with a dummy authn policy and a real ACL authz # policy: policy = ACLAuthorizationPolicy() pyramid_config.testing_securitypolicy(userid) pyramid_config.set_authorization_policy(policy) ann = factories.Annotation(shared=True, userid='mioara', groupid=groupid) res = AnnotationResource(ann, group_service, links_service) if permitted: assert pyramid_request.has_permission('read', res) else: assert not pyramid_request.has_permission('read', res)
def _annotation_resource(request, annotation): group_service = request.find_service(IGroupService) links_service = request.find_service(name='links') return AnnotationResource(annotation, group_service, links_service)