def setUp(self): # create an admin user self.admin_user = users.create_account('*****@*****.**', username='******', first_name='Super', last_name='User', superuser=True, groups=[]) # create a test user self.test_user = users.create_account('*****@*****.**', username='******', first_name='Ima', last_name='Testuser', superuser=False, groups=[]) self.new_res = resource.create_resource('GenericResource', self.admin_user, 'My Test Resource') # get the user's id #self.userid = User.objects.get(username=self.user).pk self.test_group = users.create_group('MyTestGroup', members=[self.admin_user], owners=[self.admin_user])
def setUp(self): # create an admin user self.admin_user = users.create_account( '*****@*****.**', username='******', first_name='Super', last_name='User', superuser=True, groups=[]) # create a test user self.test_user = users.create_account( '*****@*****.**', username='******', first_name='Ima', last_name='Testuser', superuser=False, groups=[]) self.new_res = resource.create_resource( 'GenericResource', self.admin_user, 'My Test Resource' ) # get the user's id #self.userid = User.objects.get(username=self.user).pk self.test_group = users.create_group( 'MyTestGroup', members=[self.admin_user], owners=[self.admin_user] )
def setUp(self): super(BasicFunction, self).setUp() global_reset() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.alva = create_account('*****@*****.**', username='******', first_name='alva', last_name='couch', superuser=False, groups=[]) self.george = create_account('*****@*****.**', username='******', first_name='george', last_name='miller', superuser=False, groups=[]) self.john = create_account('*****@*****.**', username='******', first_name='john', last_name='miller', superuser=False, groups=[]) self.admin = create_account('*****@*****.**', username='******', first_name='first_name_admin', last_name='last_name_admin', superuser=True, groups=[]) # george creates a resource 'bikes' self.bikes = create_resource( resource_type='GenericResource', owner=self.george, title='Bikes', metadata=[], ) # george creates a group 'bikers' self.bikers = self.george.uaccess\ .create_group(title='Bikers', description="We are the bikers") # george creates a group 'harpers' self.harpers = self.george.uaccess\ .create_group(title='Harpers', description="We are the harpers")
def setUp(self): super(TestFolderDownloadZip, self).setUp() self.output_path = "zips/rand/foo.zip" self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.user = create_account( '*****@*****.**', username='******', first_name='Shaun', last_name='Livingston', superuser=False, groups=[] ) # create files self.n1 = "test1.txt" test_file = open(self.n1, 'w') test_file.write("Test text file in test1.txt") test_file.close() test_file = open(self.n1, "r") self.res = create_resource(resource_type='GenericResource', owner=self.user, title='Test Resource', metadata=[], ) ResourceFile.create_folder(self.res, 'foo') # add one file to the resource add_resource_files(self.res.short_id, test_file, folder='foo')
def setUp(self): self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[self.group]) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group( 'MyGroup', members=[self.user], owners=[self.user] ) self.res = hydroshare.create_resource( 'GenericResource', self.user, 'My Test Resource' )
def setUp(self): super(TestAddResourceFiles, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.user = create_account('*****@*****.**', username='******', first_name='Shaun', last_name='Livingston', superuser=False, groups=[]) # create files self.n1 = "test1.txt" self.n2 = "test2.txt" self.n3 = "test3.txt" test_file = open(self.n1, 'w') test_file.write("Test text file in test1.txt") test_file.close() test_file = open(self.n2, 'w') test_file.write("Test text file in test2.txt") test_file.close() test_file = open(self.n3, 'w') test_file.write("Test text file in test3.txt") test_file.close() # open files for read and upload self.myfile1 = open(self.n1, "r") self.myfile2 = open(self.n2, "r") self.myfile3 = open(self.n3, "r")
def setUp(self): super(TestDeleteResource, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account('*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[])
def setUp(self): super(TestSetAccessRules, self).setUp() self.secondUser = users.create_account('*****@*****.**', username='******', first_name='some_first_name1', last_name='some_last_name1', groups=[], superuser=False) self.testGroup = self.user.uaccess.create_group( title="Test Group", description="Group for testing")
def setUp(self): super(TestDeleteResource, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[])
def save(self, *args, **kwargs): data = self.cleaned_data return create_account( email=data['email'], username=data['username'], first_name=data['first_name'], last_name=data['last_name'], superuser=False, password=data['password'], active=False, )
def setUp(self): super(TestInternalQuotaUpdateEndpoint, self).setUp() if settings.IRODS_SERVICE_ACCOUNT_USERNAME: # create the service account which needs to be authenticated in order to update quota self.irods_user = users.create_account( '*****@*****.**', username=settings.IRODS_SERVICE_ACCOUNT_USERNAME, password='******', first_name='irods', last_name='service', superuser=False)
def save(self, *args, **kwargs): data = self.cleaned_data return create_account( email=data["email"], username=data["username"], first_name=data["first_name"], last_name=data["last_name"], superuser=False, password=data["password"], active=False, )
def save(self, *args, **kwargs): data = self.cleaned_data return create_account( email=data['email'], username=data['username'], organization=data['organization'], first_name=data['first_name'], last_name=data['last_name'], superuser=False, password=data['password'], active=False, )
def setUp(self): super(TestSetAccessRules, self).setUp() self.secondUser = users.create_account( '*****@*****.**', username='******', first_name='some_first_name1', last_name='some_last_name1', groups=[], superuser=False) self.testGroup = self.user.uaccess.create_group( title="Test Group", description="Group for testing")
def setUp(self): super(TestOauthGroup, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.client = Client() self.user = users.create_account('*****@*****.**', username='******', password='******', first_name='some_first_name1', last_name='some_last_name1', groups=[], superuser=False) self.user.set_password("abc123") self.user2 = users.create_account('*****@*****.**', username='******', password='******', first_name='some_first_name2', last_name='some_last_name2', groups=[], superuser=False) self.user2.set_password("abc123") self.testGroup1 = self.user.uaccess.create_group( title="Test Group", description="Group for testing")
def setUp(self): super(TestHStore, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account('*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) self.res = resource.create_resource('GenericResource', self.user, 'My Test Resource')
def setUp(self): self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account('*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[self.group]) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group('MyGroup', members=[self.user], owners=[self.user])
def setUp(self): self.hydroshare_author_group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) self.res = resource.create_resource( 'GenericResource', self.user, 'My Test Resource' )
def setUp(self): # create a user self.user = users.create_account('*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group('MytestGroup1', members=[self.user], owners=[self.user])
def test_raise_no_exception(self): # create user - has no assigned resource access privilege authenticated_user = users.create_account( '*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user res, authorized, user = authorize(self.request, res_id=self.res.short_id, needed_permission=ACTION_TO_AUTHORIZE.VIEW_RESOURCE, raises_exception=False) self.assertEquals(authorized, False) self.assertEquals(res, self.res) self.assertEquals(user, authenticated_user)
def setUp(self): super(TestStorage, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False) self.rtype = 'CompositeResource' self.title = 'My Test resource' self.res = resource.create_resource(self.rtype, self.user, self.title) self.pid = self.res.short_id
def setUp(self): self.hostname = socket.gethostname() self.resource_url = "http://example.com/resource/{res_id}/" self.maxDiff = None self.client = APIClient() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False) self.client.force_authenticate(user=self.user) self.resources_to_delete = []
def setUp(self): super(TestAuthorize, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user - resource owner self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) self.res = resource.create_resource( 'GenericResource', self.user, 'My Test Resource' ) self.request = RequestFactory().request()
def setUp(self): self.maxDiff = None self.client = APIClient() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.email = '*****@*****.**' self.username = '******' self.first_name = 'some_first_name' self.last_name = 'some_last_name' self.user = users.create_account(self.email, username=self.username, first_name=self.first_name, last_name=self.last_name, superuser=False) self.client.force_authenticate(user=self.user)
def setUp(self): # create a user self.user = users.create_account( "*****@*****.**", username="******", first_name="some_first_name", last_name="some_last_name", superuser=False, groups=[], ) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group("MytestGroup", members=[self.user], owners=[self.user]) new_res = resource.create_resource("GenericResource", self.user, "My Test Resource") self.pid = new_res.short_id
def test_raise_no_exception(self): # create user - has no assigned resource access privilege authenticated_user = users.create_account('*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user res, authorized, user = authorize( self.request, res_id=self.res.short_id, needed_permission=ACTION_TO_AUTHORIZE.VIEW_RESOURCE, raises_exception=False) self.assertEquals(authorized, False) self.assertEquals(res, self.res) self.assertEquals(user, authenticated_user)
def setUp(self): # create a user self.user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group( 'MytestGroup1', members=[self.user], owners=[self.user] )
def setUp(self): self.maxDiff = None self.client = APIClient() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.email = '*****@*****.**' self.username = '******' self.first_name = 'some_first_name' self.last_name = 'some_last_name' self.user = users.create_account( self.email, username=self.username, first_name=self.first_name, last_name=self.last_name, superuser=False) self.client.force_authenticate(user=self.user)
def setUp(self): # create a user self.user = users.create_account('*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[]) # get the user's id self.userid = User.objects.get(username=self.user).pk self.group = users.create_group('MytestGroup', members=[self.user], owners=[self.user]) new_res = resource.create_resource('GenericResource', self.user, 'My Test Resource') self.pid = new_res.short_id
def setUp(self): self.hostname = socket.gethostname() self.resource_url = "http://example.com/resource/{res_id}/" self.maxDiff = None self.client = APIClient() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') # create a user self.user = users.create_account( '*****@*****.**', username='******', password='******', first_name='some_first_name', last_name='some_last_name', superuser=False) self.client.force_authenticate(user=self.user) self.client.login(username='******', password='******') self.resources_to_delete = [] self.groups_to_delete = []
def setUp(self): super(TestFolderDownloadZip, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.user = create_account('*****@*****.**', username='******', first_name='Shaun', last_name='Livingston', superuser=False, groups=[]) self.res = create_resource(resource_type='CompositeResource', owner=self.user, title='Test Resource', metadata=[]) ResourceFile.create_folder(self.res, 'foo') # create files self.n1 = "test1.txt" test_file = open(self.n1, 'w') test_file.write("Test text file in test1.txt") test_file.close() self.test_file = open(self.n1, "rb") add_resource_files(self.res.short_id, self.test_file, folder='foo') # copy refts file into new file to be added to the resource as an aggregation reft_data_file = open( 'hs_core/tests/data/multi_sites_formatted_version1.0.refts.json', 'rb') refts_file = open('multi_sites_formatted_version1.0.refts.json', 'wb') refts_file.writelines(reft_data_file.readlines()) refts_file.close() self.refts_file = open('multi_sites_formatted_version1.0.refts.json', 'rb') add_resource_files(self.res.short_id, self.refts_file) self.res.create_aggregation_xml_documents() self.istorage = IrodsStorage()
def setUp(self): super(TestFolderDownloadZip, self).setUp() self.group, _ = Group.objects.get_or_create(name='Hydroshare Author') self.user = create_account( '*****@*****.**', username='******', first_name='Shaun', last_name='Livingston', superuser=False, groups=[] ) self.res = create_resource(resource_type='CompositeResource', owner=self.user, title='Test Resource', metadata=[]) ResourceFile.create_folder(self.res, 'foo') # create files self.n1 = "test1.txt" test_file = open(self.n1, 'w') test_file.write("Test text file in test1.txt") test_file.close() self.test_file = open(self.n1, "r") add_resource_files(self.res.short_id, self.test_file, folder='foo') # copy refts file into new file to be added to the resource as an aggregation reft_data_file = open('hs_core/tests/data/multi_sites_formatted_version1.0.refts.json', 'r') refts_file = open('multi_sites_formatted_version1.0.refts.json', 'w') refts_file.writelines(reft_data_file.readlines()) refts_file.close() self.refts_file = open('multi_sites_formatted_version1.0.refts.json', 'r') add_resource_files(self.res.short_id, self.refts_file) self.res.create_aggregation_xml_documents()
def test_authorize_user(self): # create user - has no assigned resource access privilege authenticated_user = users.create_account('*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user common_parameters = [ # authenticated user (with no assigned access permission) has no authorization for editing a # resource (metadata and content files) { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': False, 'exception': PermissionDenied }, # authenticated user (with no assigned access permission) has no authorization for # setting resource flags { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': False, 'exception': PermissionDenied }, # authenticated user (with no assigned access permission) has no authorization for creating a # resource version { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied }, # authenticated user (with no assigned access permission) has no authorization for deleting a # resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': False, 'exception': PermissionDenied } ] # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) parameters = [ # authenticated user (with no assigned access permission) has no authorization for viewing # metadata of a private resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': False, 'exception': PermissionDenied }, # authenticated user (with no assigned access permission) has no authorization for viewing a # private resource (both metadata and content files { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': False, 'exception': PermissionDenied } ] + common_parameters self._run_tests(self.request, parameters) # test for discoverable resource self.res.raccess.discoverable = True self.res.raccess.public = False self.res.raccess.save() parameters = [ # authenticated user (with no assigned access permission) has no authorization for resource view # (metadata and content files) for a discoverable resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': False, 'exception': PermissionDenied }, # authenticated (with no assigned access permission) user has authorization for resource metadata # only view for a discoverable resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None } ] + common_parameters self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() parameters = [ # authenticated user (with no assigned access permission) has authorization for resource view # (metadata and content files) for a public or published resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None }, # authenticated user (with no assigned access permission)has authorization for resource metadata # only view for a public or published resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None } ] + common_parameters self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() self._run_tests(self.request, parameters)
def test_authorize_viewer(self): # create view_user view_user = users.create_account( '*****@*****.**', username='******', first_name='view_first_name', last_name='view_last_name', superuser=False, groups=[]) self.request.user = view_user parameters = [ # resource viewer has authorization for resource metadata view {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None}, # resource viewer has authorization for resource view (metadata and content files) {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None}, # resource viewer has no authorization for editing a resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': False, 'exception': PermissionDenied}, # resource viewer has no authorization for changing resource flags # (e.g., public, published/immutable, shareable etc) {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': False, 'exception': PermissionDenied}, # resource viewer has no authorization for deleting a resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': False, 'exception': PermissionDenied}, # resource viewer has no authorization for creating a resource version {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied} ] # grant view_user view permission self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW) # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) self._run_tests(self.request, parameters) # test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() self._run_tests(self.request, parameters)
def test_authorize_superuser(self): # create super user super_user = users.create_account( '*****@*****.**', username='******', first_name='super_first_name', last_name='super_last_name', superuser=True, groups=[]) self.request.user = super_user common_parameters = [ # super user has authorization for resource metadata view for a resource # that is private or discoverable or public or published {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None}, # super user has authorization for resource view (both metadata and content files)for a resource # that is private or discoverable or public or published {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None}, # super user has authorization for editing a resource that is private or discoverable or public # or published {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': True, 'exception': None}, # super user has authorization for deleting a resource that is private or discoverable or public # or published {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': True, 'exception': None}, # super user has no authorization for creating a resource version {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied} ] parameters = [ # super user has authorization for setting resource flags (e.g., public, # published/immutable, shareable etc) for a private, public or discoverable resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': True, 'exception': None}, ] + common_parameters # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) self._run_tests(self.request, parameters) # test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.res.raccess.discoverable = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() parameters = [ # super user has authorization for setting resource flags (e.g., public, # published/immutable, shareable etc) for a published resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': True, 'exception': None}, ] + common_parameters self._run_tests(self.request, parameters)
def test_authorize_user(self): # create user - has no assigned resource access privilege authenticated_user = users.create_account( '*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user common_parameters = [ # authenticated user (with no assigned access permission) has no authorization for editing a # resource (metadata and content files) {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': False, 'exception': PermissionDenied}, # authenticated user (with no assigned access permission) has no authorization for # setting resource flags {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': False, 'exception': PermissionDenied}, # authenticated user (with no assigned access permission) has no authorization for creating a # resource version {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied}, # authenticated user (with no assigned access permission) has no authorization for deleting a # resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': False, 'exception': PermissionDenied} ] # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) parameters = [ # authenticated user (with no assigned access permission) has no authorization for viewing # metadata of a private resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': False, 'exception': PermissionDenied}, # authenticated user (with no assigned access permission) has no authorization for viewing a # private resource (both metadata and content files {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': False, 'exception': PermissionDenied} ] + common_parameters self._run_tests(self.request, parameters) # test for discoverable resource self.res.raccess.discoverable = True self.res.raccess.public = False self.res.raccess.save() parameters = [ # authenticated user (with no assigned access permission) has no authorization for resource view # (metadata and content files) for a discoverable resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': False, 'exception': PermissionDenied}, # authenticated (with no assigned access permission) user has authorization for resource metadata # only view for a discoverable resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None} ] + common_parameters self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() parameters = [ # authenticated user (with no assigned access permission) has authorization for resource view # (metadata and content files) for a public or published resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None}, # authenticated user (with no assigned access permission)has authorization for resource metadata # only view for a public or published resource {'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None} ] + common_parameters self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() self._run_tests(self.request, parameters)
def test_default_parameters(self): # default permission is view # >> test private resource self.assertFalse(self.res.raccess.public) # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user super_user = users.create_account( '*****@*****.**', username='******', first_name='super_first_name', last_name='super_last_name', superuser=True, groups=[]) self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user edit_user = users.create_account( '*****@*****.**', username='******', first_name='edit_first_name', last_name='edit_last_name', superuser=False, groups=[]) self.request.user = edit_user # grant edit_user edit permission self.user.uaccess.share_resource_with_user(self.res, edit_user, PrivilegeCodes.CHANGE) _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user view_user = users.create_account( '*****@*****.**', username='******', first_name='view_first_name', last_name='view_last_name', superuser=False, groups=[]) self.request.user = view_user # grant view_user view permission self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW) _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user with no granted permission authenticated_user = users.create_account( '*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # test anonymous user self.request.user = AnonymousUser() with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # >> test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.res.raccess.discoverable = True self.res.raccess.public = False self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # test anonymous user self.request.user = AnonymousUser() with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # >> test for public resource self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test anonymous user self.request.user = AnonymousUser() authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # >> test for published resource self.assertFalse(self.res.raccess.published) self.res.raccess.published = False self.res.raccess.immutable = True self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test anonymous user self.request.user = AnonymousUser() authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized)
def test_get_resources_by_type(self): # This tests the ability to filter resources by type # Note: print statements are for debugging assertion failures only print '**********************\n' * 5 print '******* STDOUT *******' print '**********************\n' * 5 group, _ = Group.objects.get_or_create(name='Hydroshare Author') print 'Created Group : '+str(group) # create a user user = users.create_account( '*****@*****.**', username='******', first_name='some_first_name', last_name='some_last_name', superuser=False, groups=[group]) # get the user's id userid = User.objects.get(username=user).pk print 'UserID : '+ str(userid) group = users.create_group('MyGroup',members=[user],owners=[user]) print 'Assigned User To Group' # create a generic resource new_res = resource.create_resource( 'GenericResource',user,'My Test GenericResource Resource') pid = new_res.short_id print 'Created GenericResource, PID : '+str(pid) # create a raster resource new_res = resource.create_resource( 'RefTimeSeries',user,'My Test RefTimeSeries Resource') pid = new_res.short_id print 'Created RefTimeSeries 1, PID : '+str(pid) # create a raster resource new_res = resource.create_resource( 'RefTimeSeries',user,'My Test RefTimeSeries Resource2') pid = new_res.short_id print 'Created RefTimeSeries 2, PID : '+str(pid) # create a rhyssys resource new_res = resource.create_resource( 'InstResource',user,'My Test InstResource Resource') pid = new_res.short_id print 'Created InstResource, PID : '+str(pid) res_types_all = hydroshare.get_resource_list(user=user) print '\nQuery All Resources: ' print 'Resource Type \t:\t Number of Resources Found' print '------------- \t:\t -------------------------' for k,v in res_types_all.iteritems(): print k.__name__+ '\t:\t '+ str(len(res_types_all[k])) res_names = [r.__name__ for r in res_types_all] self.assertTrue('GenericResource' in res_names) self.assertTrue('RefTimeSeries' in res_names) self.assertTrue('InstResource' in res_names) res_types_one = hydroshare.get_resource_list( user=user,types=['GenericResource']) print '\nQuery One Resource: ' print 'Resource Type \t:\t Number of Resources Found' print '------------- \t:\t -------------------------' for k,v in res_types_one.iteritems(): print k.__name__+ '\t:\t '+ str(len(res_types_one[k])) res_names = [r.__name__ for r in res_types_one] self.assertTrue('GenericResource' in res_names) self.assertTrue('RefTimeSeries' not in res_names) self.assertTrue('InstResource' not in res_names) res_types_multiple = hydroshare.get_resource_list( user=user,types=['GenericResource','RefTimeSeries']) print '\nQuery Multiple Resources: ' print 'Resource Type \t:\t Number of Resources Found' print '------------- \t:\t -------------------------' for k,v in res_types_multiple.iteritems(): print k.__name__+ '\t:\t '+ str(len(res_types_multiple[k])) res_names = [r.__name__ for r in res_types_multiple] self.assertTrue('GenericResource' in res_names) self.assertTrue('RefTimeSeries' in res_names) self.assertTrue('InstResource' not in res_names) # delete the resource resource.delete_resource(pid)
def test_authorize_viewer(self): # create view_user view_user = users.create_account('*****@*****.**', username='******', first_name='view_first_name', last_name='view_last_name', superuser=False, groups=[]) self.request.user = view_user parameters = [ # resource viewer has authorization for resource metadata view { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None }, # resource viewer has authorization for resource view (metadata and content files) { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None }, # resource viewer has no authorization for editing a resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': False, 'exception': PermissionDenied }, # resource viewer has no authorization for changing resource flags # (e.g., public, published/immutable, shareable etc) { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': False, 'exception': PermissionDenied }, # resource viewer has no authorization for deleting a resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': False, 'exception': PermissionDenied }, # resource viewer has no authorization for creating a resource version { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied } ] # grant view_user view permission self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW) # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) self._run_tests(self.request, parameters) # test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() self._run_tests(self.request, parameters)
def test_authorize_superuser(self): # create super user super_user = users.create_account('*****@*****.**', username='******', first_name='super_first_name', last_name='super_last_name', superuser=True, groups=[]) self.request.user = super_user common_parameters = [ # super user has authorization for resource metadata view for a resource # that is private or discoverable or public or published { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA, 'success': True, 'exception': None }, # super user has authorization for resource view (both metadata and content files)for a resource # that is private or discoverable or public or published { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE, 'success': True, 'exception': None }, # super user has authorization for editing a resource that is private or discoverable or public # or published { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE, 'success': True, 'exception': None }, # super user has authorization for deleting a resource that is private or discoverable or public # or published { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE, 'success': True, 'exception': None }, # super user has no authorization for creating a resource version { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION, 'success': False, 'exception': PermissionDenied } ] parameters = [ # super user has authorization for setting resource flags (e.g., public, # published/immutable, shareable etc) for a private, public or discoverable resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': True, 'exception': None }, ] + common_parameters # test for private resource self.assertFalse(self.res.raccess.public) self.assertFalse(self.res.raccess.discoverable) self._run_tests(self.request, parameters) # test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.res.raccess.discoverable = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for public resource self.assertTrue(self.res.raccess.discoverable) self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() self._run_tests(self.request, parameters) # test for immutable/published resource self.assertFalse(self.res.raccess.immutable) self.assertFalse(self.res.raccess.published) self.assertTrue(self.res.raccess.public) self.res.raccess.immutable = True self.res.raccess.published = True self.res.raccess.save() parameters = [ # super user has authorization for setting resource flags (e.g., public, # published/immutable, shareable etc) for a published resource { 'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG, 'success': True, 'exception': None }, ] + common_parameters self._run_tests(self.request, parameters)
def test_default_parameters(self): # default permission is view # >> test private resource self.assertFalse(self.res.raccess.public) # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user super_user = users.create_account('*****@*****.**', username='******', first_name='super_first_name', last_name='super_last_name', superuser=True, groups=[]) self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user edit_user = users.create_account('*****@*****.**', username='******', first_name='edit_first_name', last_name='edit_last_name', superuser=False, groups=[]) self.request.user = edit_user # grant edit_user edit permission self.user.uaccess.share_resource_with_user(self.res, edit_user, PrivilegeCodes.CHANGE) _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user view_user = users.create_account('*****@*****.**', username='******', first_name='view_first_name', last_name='view_last_name', superuser=False, groups=[]) self.request.user = view_user # grant view_user view permission self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW) _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user with no granted permission authenticated_user = users.create_account('*****@*****.**', username='******', first_name='user_first_name', last_name='user_last_name', superuser=False, groups=[]) self.request.user = authenticated_user with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # test anonymous user self.request.user = AnonymousUser() with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # >> test for discoverable resource self.assertFalse(self.res.raccess.discoverable) self.res.raccess.discoverable = True self.res.raccess.public = False self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # test anonymous user self.request.user = AnonymousUser() with self.assertRaises(PermissionDenied): authorize(self.request, res_id=self.res.short_id) # >> test for public resource self.assertFalse(self.res.raccess.public) self.res.raccess.discoverable = False self.res.raccess.public = True self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test anonymous user self.request.user = AnonymousUser() authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # >> test for published resource self.assertFalse(self.res.raccess.published) self.res.raccess.published = False self.res.raccess.immutable = True self.res.raccess.save() # test owner self.request.user = self.user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test super user self.request.user = super_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test edit user self.request.user = edit_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test view user self.request.user = view_user _, authorized, _ = authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test authenticated user self.request.user = authenticated_user authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized) # test anonymous user self.request.user = AnonymousUser() authorize(self.request, res_id=self.res.short_id) self.assertTrue(authorized)