def test_create_tag_and_tagset(self):
"""
Creates a Tagset then a Tag within the Tagset
"""
tsValue = 'testTagset'
request_url = reverse("manage_action_containers",
args=["addnewcontainer"])
data = {'folder_type': 'tagset', 'name': tsValue}
response = post(self.django_client, request_url, data)
tagsetId = json.loads(response.content).get("id")
# check creation
tagset = self.query.get('TagAnnotationI', tagsetId)
assert tagset is not None
assert tagset.ns.val == omero.constants.metadata.NSINSIGHTTAGSET
assert tagset.textValue.val == tsValue
# Add tag to the tagset
request_url = reverse("manage_action_containers",
args=["addnewcontainer", "tagset", tagsetId])
data = {'folder_type': 'tag', 'name': 'tagInTagset'}
response2 = post(self.django_client, request_url, data)
tagId = json.loads(response2.content).get("id")
# Check that tag is listed under tagset...
request_url = reverse("api_tags_and_tagged")
data = {'id': tagsetId}
data = get_json(self.django_client, request_url, data)
assert len(data['tags']) == 1
assert data['tags'][0]['id'] == tagId
def test_edit_share(self):
# create images
images = [
self.create_test_image(session=self.sf),
self.create_test_image(session=self.sf)
]
sid = self.sf.getShareService().createShare("foobar", rtime(None),
images, [self.user], [],
True)
request_url = reverse("manage_action_containers",
args=["save", "share", sid])
data = {
'enable': 'on',
'image': [i.id.val for i in images],
'members': self.user.id.val,
'message': 'another foobar'
}
post(self.django_client, request_url, data)
# remove image from share
request_url = reverse("manage_action_containers",
args=["removefromshare", "share", sid])
data = {
'source': images[1].id.val,
}
post(self.django_client, request_url, data)
def test_create_restricted_admin(self, privilege):
"""Test creation of restricted admin."""
uuid = self.uuid()
groupid = self.new_group().id.val
request_url = reverse('wamanageexperimenterid', args=["create"])
data = {
"omename": uuid,
"first_name": uuid,
"last_name": uuid,
"active": "on",
"default_group": groupid,
"other_groups": groupid,
"password": uuid,
"confirmation": uuid,
"role": "restricted_administrator"
}
name, expected = privilege
# Enable a single Privilege for this user
data[name] = 'on'
post(self.django_root_client, request_url, data, status_code=302)
admin = self.client.sf.getAdminService()
exp = admin.lookupExperimenter(uuid)
privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)]
assert set(expected) == set(privileges)
def test_create_tag(self):
# Create User and Dataset in a Read-Annotate group
client, user = self.new_client_and_user(perms='rwrw--')
omeName = client.sf.getAdminService().getEventContext().userName
django_client = self.new_django_client(omeName, omeName)
ds = self.make_dataset("test_create_tag", client=client)
tagname = "test_create_tag"
desc = "The description of the new tag"
request_url = reverse('annotate_tags')
data = {
'dataset': ds.id.val,
'filter_mode': 'any',
'filter_owner_mode': 'all',
'index': 0,
'newtags-0-tag': tagname,
'newtags-0-description': desc,
'newtags-INITIAL_FORMS': 0,
'newtags-MAX_NUM_FORMS': 1000,
'newtags-TOTAL_FORMS': 1,
'tags': "",
}
post(django_client, request_url, data)
# Check tag exists on Dataset
request_url = reverse('api_annotations')
data = {"dataset": ds.id.val}
rsp = get_json(django_client, request_url, data)
tagNames = [t['textValue'] for t in rsp['annotations']]
assert tagNames == [tagname]
def test_attach_file(self):
# Due to EOF both posts must be test separately
# Bad post
img = self.image_with_channels()
try:
temp = tempfile.NamedTemporaryFile(suffix='.csrf')
temp.write("Testing without csrf token")
temp.seek(0)
request_url = reverse('annotate_file')
data = {'image': img.id.val, 'index': 0, 'annotation_file': temp}
post(self.django_client, request_url, data)
finally:
temp.close()
# Good post
try:
temp = tempfile.NamedTemporaryFile(suffix='.csrf')
temp.write("Testing csrf token")
temp.seek(0)
request_url = reverse('annotate_file')
data = {'image': img.id.val, 'index': 0, 'annotation_file': temp}
post(self.django_client, request_url, data)
finally:
temp.close()
def test_edit_tag_and_tagset(self, dtype):
"""
Creates Tag/Tagset and tests editing of name and description
"""
request_url = reverse("manage_action_containers",
args=["addnewcontainer"])
data = {'folder_type': dtype, 'name': 'beforeEdit'}
response = post(self.django_client, request_url, data)
tagId = json.loads(response.content).get("id")
# Edit name
request_url = reverse("manage_action_containers",
args=["savename", dtype, tagId])
data = {'name': 'afterEdit'}
response = post(self.django_client, request_url, data)
# Edit description
request_url = reverse("manage_action_containers",
args=["savedescription", dtype, tagId])
data = {'description': 'New description after editing'}
response = post(self.django_client, request_url, data)
# check edited name and description
tagset = self.query.get('TagAnnotationI', tagId)
assert tagset is not None
if dtype == "tagset":
assert tagset.ns.val == omero.constants.metadata.NSINSIGHTTAGSET
assert tagset.textValue.val == 'afterEdit'
assert tagset.description.val == 'New description after editing'
def test_batch_add_fileannotations(self, link_count):
"""Test adding file annotation to Project(s)."""
client, user = self.new_client_and_user(perms='rwrw--')
omeName = client.sf.getAdminService().getEventContext().userName
django_client1 = self.new_django_client(omeName, omeName)
# User creates 2 Projects
pr1 = self.make_project("test_batch_file_ann1", client=client)
pr2 = self.make_project("test_batch_file_ann2", client=client)
pr_ids = [pr1.id.val, pr2.id.val]
# Create File and FileAnnotation
fname = "fname_%s" % client.getSessionId()
update = client.sf.getUpdateService()
f = omero.model.OriginalFileI()
f.name = omero.rtypes.rstring(fname)
f.path = omero.rtypes.rstring("")
f = update.saveAndReturnObject(f)
fa = omero.model.FileAnnotationI()
fa.setFile(f)
fa = update.saveAndReturnObject(fa)
# get form for annotating both Projects
request_url = reverse('annotate_file')
data = {"project": pr_ids}
rsp = get(django_client1, request_url, data)
html = rsp.content.decode('utf-8')
assert fname in html
# Link File Annotation to 1 or 2 Projects
post_data = {"project": pr_ids[0:link_count], "files": [fa.id.val]}
post(django_client1, request_url, post_data)
# Check for link to first Project
api_ann_url = reverse('api_annotations')
rsp = get_json(django_client1, api_ann_url, {"project": pr1.id.val})
assert fa.id.val in [a['id'] for a in rsp['annotations']]
# Annotation Form should NOT show file if linked to BOTH projects
show_file = link_count == 1
rsp = get(django_client1, request_url, data)
html = rsp.content.decode('utf-8')
assert (fname in html) == show_file
# Remove file from both Projects
remove_url = reverse('manage_action_containers',
kwargs={
'action': 'remove',
'o_type': 'file',
'o_id': fa.id.val
})
remove_data = {
'parent': 'project-%s|project-%s' % (pr1.id.val, pr2.id.val)
}
post(django_client1, remove_url, remove_data)
# Check for NO link
rsp = get_json(django_client1, api_ann_url, {"project": pr1.id.val})
assert fa.id.val not in [a['id'] for a in rsp['annotations']]
def test_add_and_remove_comment(self):
request_url = reverse('annotate_comment')
data = {
'comment': 'foobar',
'image': self.image_with_channels().id.val
}
post(self.django_client, request_url, data)
def test_apply_owners_rendering_settings(self):
img = self.create_test_image(session=self.sf)
request_url = reverse('reset_owners_rdef_json')
data = {'toids': img.id.val, 'to_type': 'image'}
post(self.django_client, request_url, data)
def test_edit_group(self):
group = self.new_group(perms="rw----")
request_url = reverse('wamanagegroupid', args=["save", group.id.val])
data = {
"name": group.name.val,
"description": "description",
"permissions": 0
}
post(self.django_root_client, request_url, data, status_code=302)
def test_add_edit_and_remove_tag(self):
# Add tag
img = self.make_image()
tag = self.new_tag()
request_url = reverse('annotate_tags')
data = {
'image': img.id.val,
'filter_mode': 'any',
'filter_owner_mode': 'all',
'index': 0,
'newtags-0-description': '',
'newtags-0-tag': 'foobar',
'newtags-0-tagset': '',
'newtags-INITIAL_FORMS': 0,
'newtags-MAX_NUM_FORMS': 1000,
'newtags-TOTAL_FORMS': 1,
'tags': tag.id.val
}
rsp = post(self.django_client, request_url, data)
rspJson = json.loads(rsp.content)
assert len(rspJson['new']) == 1
newTagId = rspJson['new'][0]
assert rspJson['added'] == [tag.id.val]
# Check that image is tagged with both tags
request_url = reverse("api_annotations")
data = {'image': img.id.val, 'type': 'tag'}
data = get_json(self.django_client, request_url, data)
assert len(data['annotations']) == 2
# Remove tag
request_url = reverse("manage_action_containers",
args=["remove", "tag", tag.id.val])
data = {'index': 0, 'parent': "image-%i" % img.id.val}
post(self.django_client, request_url, data)
# Check that tag is removed
request_url = reverse("api_annotations")
data = {'image': img.id.val, 'type': 'tag'}
data = get_json(self.django_client, request_url, data)
assert len(data['annotations']) == 1
# Delete other tag
request_url = reverse("manage_action_containers",
args=["delete", "tag", newTagId])
post(self.django_client, request_url, {})
# Check that tag is deleted from image
request_url = reverse("api_annotations")
data = {'image': img.id.val, 'type': 'tag'}
completed = False
# Async delete - Keep checking until done
for t in range(20):
rsp = get_json(self.django_client, request_url, data)
if len(rsp['annotations']) == 0:
completed = True
break
sleep(0.1)
assert completed
def test_myaccount(self):
request_url = reverse('wamyaccount', args=["save"])
data = {
"omename": self.user.omeName.val,
"first_name": self.user.omeName.val,
"last_name": self.user.lastName.val,
"institution": "foo bar",
"default_group": self.group.id.val
}
post(self.django_client, request_url, data, status_code=302)
def test_edit_channel_names(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.image_with_channels()
data = {'channel0': 'foobar'}
request_url = reverse('edit_channel_names', args=[img.id.val])
get(self.django_client, request_url, data, status_code=405, csrf=True)
post(self.django_client, request_url, data)
def test_move_data(self):
group_id = self.new_group(experimenters=[self.user]).id.val
request_url = reverse('chgrp')
data = {
'image': self.image_with_channels().id.val,
'group_id': group_id
}
post(self.django_root_client, request_url, data)
def test_save_experimenter(self):
"""Test edit of User"""
# Create User in 2 groups
uuid = self.uuid()
groupid = self.new_group().id.val
groupid2 = self.new_group().id.val
groupid3 = self.new_group().id.val
request_url = reverse('wamanageexperimenterid', args=["create"])
data = {
"omename": uuid,
"first_name": uuid,
"last_name": uuid,
"active": "on",
"default_group": groupid,
"other_groups": [groupid, groupid2],
"password": uuid,
"confirmation": uuid,
"role": "user",
}
post(self.django_root_client, request_url, data, status_code=302)
# Check that user was created in groups
admin = self.root.sf.getAdminService()
exp = admin.lookupExperimenter(uuid)
exp_id = exp.id.val
exp_gids = [m.parent.id.val for m in exp.copyGroupExperimenterMap()]
# first group is default group
assert exp_gids[0] == groupid
assert groupid2 in exp_gids
# Edit names, change default group, add group, remove group
new_name = "new_name_%s" % uuid
new_lastname = "new_lastname_%s" % uuid
request_url = reverse('wamanageexperimenterid', args=["save", exp_id])
data = {
"omename": uuid,
"first_name": new_name,
"last_name": new_lastname,
"active": "on",
"default_group": groupid2,
"other_groups": [groupid2, groupid3],
"role": "user",
}
post(self.django_root_client, request_url, data, status_code=302)
# Check
exp = admin.lookupExperimenter(uuid)
assert exp.firstName.val == new_name
assert exp.lastName.val == new_lastname
exp_id = exp.id.val
exp_gids = [m.parent.id.val for m in exp.copyGroupExperimenterMap()]
# first group is default group
assert exp_gids[0] == groupid2
assert groupid not in exp_gids
assert groupid3 in exp_gids
def test_edit_user(self):
user = self.new_user()
request_url = reverse('wamanageexperimenterid',
args=["save", user.id.val])
data = {
"omename": user.omeName.val,
"first_name": user.firstName.val,
"last_name": user.lastName.val,
"default_group": user.copyGroupExperimenterMap()[0].parent.id.val,
"other_groups": user.copyGroupExperimenterMap()[0].parent.id.val,
}
post(self.django_root_client, request_url, data, status_code=302)
def test_change_password(self):
user = self.new_user()
request_url = reverse('wamanagechangepasswordid', args=[user.id.val])
data = {
"old_password":
self.root.ic.getProperties().getProperty('omero.rootpass'),
"password":
"******",
"confirmation":
"new"
}
post(self.django_root_client, request_url, data)
def test_ome_tiff_script(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.create_test_image(session=self.sf)
request_url = reverse('ome_tiff_script', args=[img.id.val])
post(self.django_client, request_url, {})
get(self.django_client, request_url, status_code=405)
def test_create_share(self):
img = self.make_image()
request_url = reverse("manage_action_containers",
args=["add", "share"])
data = {
'enable': 'on',
'image': img.id.val,
'members': self.user.id.val,
'message': 'foobar'
}
post(self.django_client, request_url, data)
def test_su(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
user = self.new_user()
request_url = reverse('webgateway_su', args=[user.omeName.val])
get(self.django_root_client, request_url, {}, csrf=True)
post(self.django_root_client, request_url)
def test_edit_group_by_owner(self):
self.add_groups(experimenter=self.user,
groups=[self.group],
owner=True)
request_url = reverse('wamanagegroupownerid',
args=["save", self.group.id.val])
data = {
"members": self.user.id.val,
"owners": self.user.id.val,
"permissions": 0
}
post(self.django_client, request_url, data, status_code=302)
def test_create_user(self):
uuid = self.uuid()
groupid = self.new_group().id.val
request_url = reverse('wamanageexperimenterid', args=["create"])
data = {
"omename": uuid,
"first_name": uuid,
"last_name": uuid,
"active": "on",
"default_group": groupid,
"other_groups": groupid,
"password": uuid,
"confirmation": uuid,
"role": "user",
}
post(self.django_root_client, request_url, data, status_code=302)
def test_login_view(self):
"""
Test that a successful logout redirects to custom login view
"""
django_client = self.django_root_client
request_url = reverse('test_weblogin')
data = {
'server': 1,
'username': self.ctx.userName,
'password': self.ctx.userName,
}
rsp = post(django_client, request_url, data, status_code=302)
request_url = reverse('weblogout')
rsp = post(django_client, request_url, {}, status_code=302)
assert rsp['Location'].endswith(reverse('test_weblogin'))
assert not rsp['Location'].endswith(reverse('weblogin'))
def test_add_remove_tags(self):
# Test performance with lots of tags.
# See https://github.com/openmicroscopy/openmicroscopy/pull/4842
img_count = 200
tag_count = 10
iids = [self.make_image().id.val for i in range(img_count)]
tagIds = [str(self.new_tag().id.val) for i in range(tag_count)]
tagIds = ",".join(tagIds)
request_url = reverse('annotate_tags')
data = {
'image': iids,
'filter_mode': 'any',
'filter_owner_mode': 'all',
'index': 0,
'newtags-INITIAL_FORMS': 0,
'newtags-MAX_NUM_FORMS': 1000,
'newtags-TOTAL_FORMS': 0,
'tags': tagIds
}
rsp = post(self.django_client, request_url, data)
rspJson = json.loads(rsp.content)
assert len(rspJson['added']) == tag_count
# Check that tags are added to all images
anns_url = reverse("api_annotations")
query_string = '&'.join(['image=%s' % i for i in iids])
query_string += '&type=tag'
query_string += '&page=0' # disable pagination
rsp = self.django_client.get('%s?%s' % (anns_url, query_string))
rspJson = json.loads(rsp.content)
assert len(rspJson['annotations']) == img_count * tag_count
# Remove tags
data = {
'image': iids,
'filter_mode': 'any',
'filter_owner_mode': 'all',
'index': 0,
'newtags-INITIAL_FORMS': 0,
'newtags-MAX_NUM_FORMS': 1000,
'newtags-TOTAL_FORMS': 0,
'tags': ''
}
post(self.django_client, request_url, data)
# Check tags removed
rsp = self.django_client.get('%s?%s' % (anns_url, query_string))
rspJson = json.loads(rsp.content)
assert len(rspJson['annotations']) == 0
def test_reset_rendering_settings(self):
"""
CSRF protection does not check `GET` requests so we need to be sure
that this request results in an HTTP 405 (method not allowed) status
code.
"""
img = self.create_test_image(session=self.sf)
# Reset through webclient as it is calling directly
# webgateway.reset_image_rdef_json
request_url = reverse('reset_rdef_json')
data = {'toids': img.id.val, 'to_type': 'image'}
post(self.django_client, request_url, data)
get(self.django_client, request_url, data, status_code=405)
get(self.django_client, request_url, data, status_code=405, csrf=True)
def test_copy_past_rendering_settings_from_image(self):
# Create 2 images with 2 channels each
iid1 = self.create_test_image(size_c=2, session=self.sf).id.val
iid2 = self.create_test_image(size_c=2, session=self.sf).id.val
conn = omero.gateway.BlitzGateway(client_obj=self.client)
# image1 set color model
image1 = conn.getObject("Image", iid1)
image1.resetDefaults()
image1.setColorRenderingModel()
image1.setQuantizationMap(0, "logarithmic", 0.5)
image1.saveDefaults()
image1 = conn.getObject("Image", iid1)
# image2 set greyscale model
image2 = conn.getObject("Image", iid2)
image2.setGreyscaleRenderingModel()
image2.saveDefaults()
image2 = conn.getObject("Image", iid2)
assert image1.isGreyscaleRenderingModel() is False
assert image2.isGreyscaleRenderingModel() is True
img1_chan = image1.getChannels()[0]
assert img1_chan.getFamily().getValue() == 'logarithmic'
assert img1_chan.getCoefficient() == 0.5
img2_chan = image2.getChannels()[0]
assert img2_chan.getFamily().getValue() == 'linear'
assert img2_chan.getCoefficient() == 1.0
# copy rendering settings from image1 via ID
request_url = reverse('copy_image_rdef_json')
data = {"fromid": iid1}
get(self.django_client, request_url, data)
# paste rendering settings to image2
data = {'toids': iid2}
post(self.django_client, request_url, data)
image2 = conn.getObject("Image", iid2)
assert image2.isGreyscaleRenderingModel() is False
img2_chan = image2.getChannels()[0]
assert img2_chan.getFamily().getValue() == 'logarithmic'
assert img2_chan.getCoefficient() == 0.5
def test_add_and_rename_container(self):
# Add project
request_url = reverse("manage_action_containers",
args=["addnewcontainer"])
data = {'folder_type': 'project', 'name': 'foobar'}
response = post(self.django_client, request_url, data)
pid = json.loads(response.content).get("id")
# Add dataset to the project
request_url = reverse("manage_action_containers",
args=["addnewcontainer", "project", pid])
data = {'folder_type': 'dataset', 'name': 'foobar'}
post(self.django_client, request_url, data)
# Rename project
request_url = reverse("manage_action_containers",
args=["savename", "project", pid])
data = {'name': 'anotherfoobar'}
post(self.django_client, request_url, data)
# Change project description
request_url = reverse("manage_action_containers",
args=["savedescription", "project", pid])
data = {'description': 'anotherfoobar'}
post(self.django_client, request_url, data)
def test_required_fields(self, required_field):
"""Test form validation with required fields missing."""
uuid = self.uuid()
request_url = reverse('wamanagegroupid', args=["create"])
data = {"name": uuid, "permissions": "0"}
field, error = required_field
del data[field]
rsp = post(self.django_root_client, request_url, data)
assert error in rsp.content
def test_restricted_admin_create_edit_user(self):
"""Test create & edit user doesn't allow privilege escalation."""
exp = self.new_user(privileges=[
'Chown', 'ModifyGroup', 'ModifyUser', 'ModifyGroupMembership'
])
ome_name = exp.omeName.val
django_client = self.new_django_client(ome_name, ome_name)
uuid = self.uuid()
groupid = self.new_group().id.val
request_url = reverse('wamanageexperimenterid', args=["create"])
data = {
"omename": uuid,
"first_name": uuid,
"last_name": uuid,
"active": "on",
"default_group": groupid,
"other_groups": groupid,
"password": uuid,
"confirmation": uuid,
"role": "restricted_administrator",
"Sudo": 'on', # Sudo and Chgrp should be ignored (escalation)
"Chgrp": 'on',
"ModifyGroup": 'on', # Should be applied
}
post(django_client, request_url, data, status_code=302)
# Check that user was created
admin = self.client.sf.getAdminService()
exp = admin.lookupExperimenter(uuid)
# Check Privileges
privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)]
assert privileges == ['ModifyGroup']
# Edit user
request_url = reverse('wamanageexperimenterid',
args=["save", exp.id.val])
# Add & remove privileges
data['Chown'] = 'on'
del data['ModifyGroup']
post(django_client, request_url, data, status_code=302)
privileges = [p.getValue().val for p in admin.getAdminPrivileges(exp)]
assert privileges == ['Chown']
def annotate_tags_dataset(django_client, dsId, tagIds):
"""
Links the specified dataset and tags
"""
# 'newtags-0-description': '',
# 'newtags-0-tag': 'foobar',
# 'newtags-0-tagset': '',
request_url = reverse('annotate_tags')
data = {
'dataset': dsId,
'filter_mode': 'any',
'filter_owner_mode': 'all',
'index': 0,
'newtags-INITIAL_FORMS': 0,
'newtags-MAX_NUM_FORMS': 1000,
'newtags-TOTAL_FORMS': 0,
'tags': ",".join([str(i) for i in tagIds])
}
post(django_client, request_url, data)
