def test_test_database(models):
"""Test of the consitency of the test database."""
assert Organisation.select().count() == 10
assert User.select().count() == 63
assert OrcidToken.select().count() == 60
assert AffiliationRecord.select().count() == 10
assert FundingRecord.select().count() == 10
assert FundingContributor.select().count() == 10
assert FundingInvitee.select().count() == 10
assert ExternalId.select().count() == 10
assert WorkRecord.select().count() == 10
assert WorkContributor.select().count() == 10
assert WorkExternalId.select().count() == 10
assert WorkInvitee.select().count() == 10
assert PeerReviewRecord.select().count() == 10
assert PeerReviewExternalId.select().count() == 10
assert PeerReviewInvitee.select().count() == 10
assert ResearcherUrlRecord.select().count() == 10
assert OtherNameRecord.select().count() == 10
assert KeywordRecord.select().count() == 10
assert Task.select().count() == 30
assert UserOrgAffiliation.select().count() == 30
assert User.get(id=43).admin_for.count() == 10
assert User.get(id=1).admin_for.count() == 0
assert User.get(id=42).admin_for.count() > 0
assert User.get(id=2).organisations.count() > 0
assert Organisation.get(id=1).admins.count() == 1
assert Organisation.get(id=5).users.count() > 0
assert Organisation.get(id=5).admins.count() > 0
assert User.select().where(User.orcid == User.get(
email="*****@*****.**").orcid).count() == 3
assert len(User.get(email="*****@*****.**").org_links) == 3
user = User.get(email="*****@*****.**")
available_organisations = user.available_organisations
assert available_organisations.count() == 10
admin = User.create(email="*****@*****.**", organisation=user.organisation, confirmed=True,
first_name="TEST", last_name="ADMIN", roles=Role.ADMIN)
ui = UserInvitation.create(email=user.email, invitee=user, inviter=admin, token="TOKEN-123")
admin.delete_instance()
ui = UserInvitation.get(ui.id)
assert ui.inviter_id is None
user.delete_instance()
assert not UserInvitation.select().where(UserInvitation.id == ui.id).exists()
org = Organisation.select().limit(1).first()
user = User.select().limit(1).first()
ot = OrcidToken.create(user=user, org=org, scope="S1,S2,S3")
assert len(ot.scopes) == 3
ot.scopes = ["A", "B", "C", "D"]
assert ot.scope == "A,B,C,D"
def test_create_hub_administrator(app):
"""Test creation of the Hub administrators."""
org = app.data["org"]
runner = CliRunner()
runner.invoke(create_hub_administrator, ["*****@*****.**"])
assert User.select().where(User.email == "*****@*****.**").exists()
assert Organisation.select().where(
Organisation.name == "ORCID Hub").exists()
runner.invoke(create_hub_administrator,
["*****@*****.**", "-O", "NEW ORGANISATION #0"])
assert Organisation.select().where(
Organisation.name == "NEW ORGANISATION #0").exists()
assert User.get(
email="*****@*****.**").organisation.name == "NEW ORGANISATION #0"
runner.invoke(create_hub_administrator,
["*****@*****.**", "-O", "NEW ORG"])
assert Organisation.select().where(Organisation.name == "NEW ORG").exists()
assert User.get(email="*****@*****.**").organisation.name == "NEW ORG"
org_count = Organisation.select().count()
runner.invoke(create_hub_administrator,
["*****@*****.**", "-O", org.name])
assert Organisation.select().count() == org_count
assert User.get(email="*****@*****.**").organisation.name == org.name
runner.invoke(create_hub_administrator,
["*****@*****.**", "-I", "INTERNAL NAME 111"])
assert User.select().where(User.email == "*****@*****.**").exists()
assert Organisation.select().where(
Organisation.name == "ORCID Hub",
Organisation.tuakiri_name == "INTERNAL NAME 111").exists()
assert User.get(email="*****@*****.**"
).organisation.tuakiri_name == "INTERNAL NAME 111"
runner.invoke(
create_hub_administrator,
["*****@*****.**", "-O", "NEW ORG", "-I", "INTERNAL NAME 222"])
assert Organisation.select().where(
Organisation.name == "NEW ORG",
Organisation.tuakiri_name == "INTERNAL NAME 222").exists()
assert User.get(email="*****@*****.**"
).organisation.tuakiri_name == "INTERNAL NAME 222"
org_count = Organisation.select().count()
runner.invoke(
create_hub_administrator,
["*****@*****.**", "-O", org.name, "-I", "INTERNAL NAME 333"])
assert Organisation.select().count() == org_count
assert User.get(email="*****@*****.**"
).organisation.tuakiri_name == "INTERNAL NAME 333"
def test_login0(client):
"""Test login from orcid."""
resp = client.get("/login0")
assert resp.status_code == 401
u = User.select().where(User.orcid.is_null(False)).first()
email = u.email
import itsdangerous
signature = itsdangerous.Signer(
client.application.secret_key).get_signature(email).decode()
auth = email + ':' + signature
resp = client.get(f"/login0/{auth}")
assert resp.status_code == 302
assert current_user.email == email
resp = client.get("/login0", headers={"Authorization": auth})
assert resp.status_code == 302
assert current_user.email == email
from base64 import b64encode
resp = client.get(
"/login0",
headers={"Authorization": b64encode(auth.encode()).decode()})
assert resp.status_code == 302
assert current_user.email == email
def test_profile(client):
"""Test an affilated user profile and ORCID data retrieval and a user profile that doesn't hava an ORCID."""
org = Organisation.get(name="THE ORGANISATION")
test_user = User.create(email="*****@*****.**",
organisation=org,
orcid="ABC123",
confirmed=True)
OrcidToken.create(user=test_user,
org=org,
scope="/read-limited,/activities/update",
access_token="ABC1234")
resp = client.login(test_user, follow_redirects=True)
resp = client.get("/profile", follow_redirects=True)
assert resp.status_code == 200
assert b"ABC123" in resp.data
client.logout()
# Test a user profile that doesn't hava an ORCID.
user = User.select().where(User.organisation == org,
User.orcid.is_null()).first()
resp = client.login(user, follow_redirects=True)
resp = client.get("/profile")
assert resp.status_code == 302
assert "/link" in resp.location
def test_org_switch(client):
"""Test organisation switching."""
user = User.get(orcid=User.select(fn.COUNT(User.orcid).alias("id_count"), User.orcid).group_by(
User.orcid).having(fn.COUNT(User.orcid) > 1).naive().first().orcid)
user_orgs = UserOrg.select().join(User).where(User.orcid == user.orcid)
new_org = Organisation.select().where(Organisation.id.not_in([uo.org_id for uo in user_orgs])).first()
UserOrg.create(user=user, org=new_org, affiliations=0)
resp = client.login(user, follow_redirects=True)
assert user.email.encode() in resp.data
assert len(user.org_links) > 1
assert current_user == user
# Nothing changes if it is the same organisation
uo = user.userorg_set.where(UserOrg.org_id == user.organisation_id).first()
resp = client.get(f"/select/user_org/{uo.id}", follow_redirects=True)
assert User.get(user.id).organisation_id == user.organisation_id
assert user.email.encode() in resp.data
# The current org changes if it's a dirrerent org on the list
uo = user.userorg_set.where(UserOrg.org_id != user.organisation_id).first()
resp = client.get(f"/select/user_org/{uo.id}", follow_redirects=True)
assert User.get(user.id).organisation_id != user.organisation_id
assert User.get(user.id).organisation_id == uo.org_id
for ol in user.org_links:
assert ol.org.name.encode() in resp.data
if UserOrg.get(ol.id).user.id != user.id:
next_ol = ol
# Shoud be a totally different user account:
resp = client.get(f"/select/user_org/{next_ol.id}", follow_redirects=True)
next_user = UserOrg.get(next_ol.id).user
assert next_user.id != user.id
def models(testdb):
Organisation.insert_many((dict(name="Organisation #%d" % i,
tuakiri_name="Organisation #%d" % i,
orcid_client_id="client-%d" % i,
orcid_secret="secret-%d" % i,
confirmed=(i % 2 == 0))
for i in range(10))).execute()
User.insert_many(
(dict(name="Test User #%d" % i,
first_name="Test_%d" % i,
last_name="User_%d" % i,
email="user%d@org%d.org.nz" % (i, i * 4 % 10),
confirmed=(i % 3 != 0),
roles=Role.SUPERUSER if i % 42 == 0 else Role.ADMIN if i %
13 == 0 else Role.RESEARCHER) for i in range(60))).execute()
User.insert_many((dict(name="Test User with ORCID ID 'ABC-123' #%d" % i,
orcid="ABC-123",
first_name="Test_%d" % i,
last_name="User_%d" % i,
email="user_the_same_id_%d@org%d.org.nz" % (i, i),
confirmed=True,
organisation=(i + 1),
roles=Role.RESEARCHER)
for i in range(3))).execute()
UserOrg.insert_many(
dict(user=u.id, org=u.organisation_id)
for u in User.select().where(User.orcid == "ABC-123")).execute()
UserOrg.insert_many(
(dict(is_admin=((u + o) % 23 == 0), user=u, org=o)
for (u, o) in product(range(2, 60, 4), range(2, 10)))).execute()
UserOrg.insert_many(
(dict(is_admin=True, user=43, org=o) for o in range(1, 11))).execute()
OrcidToken.insert_many((dict(user=User.get(id=1),
org=Organisation.get(id=1),
scopes="/read-limited",
access_token="Test_%d" % i)
for i in range(60))).execute()
UserOrgAffiliation.insert_many((dict(user=User.get(id=1),
organisation=Organisation.get(id=1),
department_name="Test_%d" % i,
department_city="Test_%d" % i,
role_title="Test_%d" % i,
path="Test_%d" % i,
put_code="%d" % i)
for i in range(30))).execute()
Task.insert_many((dict(org=Organisation.get(id=1),
created_by=User.get(id=1),
updated_by=User.get(id=1),
filename="Test_%d" % i,
task_type=0) for i in range(30))).execute()
AffiliationRecord.insert_many((dict(is_active=False,
task=Task.get(id=1),
put_code=90,
external_id="Test_%d" % i,
status="Test_%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
email="Test_%d" % i,
orcid="123112311231%d" % i,
organisation="Test_%d" % i,
affiliation_type="Test_%d" % i,
role="Test_%d" % i,
department="Test_%d" % i,
city="Test_%d" % i,
state="Test_%d" % i,
country="Test_%d" % i,
disambiguated_id="Test_%d" % i,
disambiguation_source="Test_%d" % i)
for i in range(10))).execute()
PropertyRecord.insert_many((dict(type="URL",
is_active=False,
task=Task.get(id=1),
put_code=90,
status="Test_%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
email="Test_%d" % i,
orcid="123112311231%d" % i,
name="Test_%d" % i,
value="Test_%d" % i,
visibility="Test_%d" % i,
display_index=i)
for i in range(10))).execute()
PropertyRecord.insert_many((dict(type="NAME",
is_active=False,
task=Task.get(id=1),
put_code=90,
status="Test_%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
email="Test_%d" % i,
orcid="123112311231%d" % i,
value="Test_%d" % i,
visibility="Test_%d" % i,
display_index=i)
for i in range(10))).execute()
PropertyRecord.insert_many((dict(type="KEYWORD",
is_active=False,
task=Task.get(id=1),
put_code=90,
status="Test_%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
email="Test_%d" % i,
orcid="123112311231%d" % i,
value="Test_%d" % i,
visibility="Test_%d" % i,
display_index=i)
for i in range(10))).execute()
FundingRecord.insert_many(
(dict(task=Task.get(id=1),
title="Test_%d" % i,
translated_title="Test_%d" % i,
translated_title_language_code="Test_%d" % i,
type="Test_%d" % i,
organization_defined_type="Test_%d" % i,
short_description="Test_%d" % i,
amount="Test_%d" % i,
currency="Test_%d" % i,
org_name="Test_%d" % i,
city="Test_%d" % i,
region="Test_%d" % i,
country="Test_%d" % i,
disambiguated_id="Test_%d" % i,
disambiguation_source="Test_%d" % i,
is_active=False,
status="Test_%d" % i) for i in range(10))).execute()
record = FundingRecord.get()
FundingContributor.insert_many((dict(record=record,
orcid="123112311231%d" % i,
name="Test_%d" % i,
role="Test_%d" % i)
for i in range(10))).execute()
FundingInvitee.insert_many((dict(record=record,
orcid="123112311231%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
put_code=i,
status="Test_%d" % i,
identifier="%d" % i,
visibility="Test_%d" % i,
email="Test_%d" % i)
for i in range(10))).execute()
ExternalId.insert_many((dict(record=record,
type="Test_%d" % i,
value="Test_%d" % i,
url="Test_%d" % i,
relationship="Test_%d" % i)
for i in range(10))).execute()
task = Task.get()
PeerReviewRecord.insert_many(
(dict(task=task,
review_group_id="issn:1212_%d" % i,
reviewer_role="reviewer_%d" % i,
review_url="xyz_%d" % i,
review_type="REVIEW_%d" % i,
subject_external_id_type="doi_%d" % i,
subject_external_id_value="1212_%d" % i,
subject_external_id_url="url/SELF_%d" % i,
subject_external_id_relationship="SELF_%d" % i,
subject_container_name="Journal title_%d" % i,
subject_type="JOURNAL_ARTICLE_%d" % i,
subject_name_title="name_%d" % i,
subject_name_subtitle="subtitle_%d" % i,
subject_name_translated_title_lang_code="en",
subject_name_translated_title="sdsd_%d" % i,
subject_url="url_%d" % i,
convening_org_name="THE ORGANISATION_%d" % i,
convening_org_city="auckland_%d" % i,
convening_org_region="auckland_%d" % i,
convening_org_country="nz_%d" % i,
convening_org_disambiguated_identifier="123_%d" % i,
convening_org_disambiguation_source="1212_%d" % i,
is_active=False) for i in range(10))).execute()
record = PeerReviewRecord.get()
PeerReviewExternalId.insert_many((dict(record=record,
type="Test1_%d" % i,
value="Test1_%d" % i,
url="Test1_%d" % i,
relationship="Test1_%d" % i)
for i in range(10))).execute()
PeerReviewInvitee.insert_many((dict(record=record,
orcid="1231123112311%d" % i,
first_name="Test1_%d" % i,
last_name="Test1_%d" % i,
put_code=i,
status="Test1_%d" % i,
identifier="1%d" % i,
visibility="PUBLIC",
email="Test1_%d" % i)
for i in range(10))).execute()
WorkRecord.insert_many((dict(task=task,
title="Test_%d" % i,
subtitle="Test_%d" % i,
translated_title="Test_%d" % i,
translated_title_language_code="Test_%d" % i,
journal_title="Test_%d" % i,
short_description="Test_%d" % i,
citation_type="Test_%d" % i,
citation_value="Test_%d" % i,
type="Test_%d" % i,
url="Test_%d" % i,
language_code="Test_%d" % i,
country="Test_%d" % i,
is_active=False,
status="Test_%d" % i)
for i in range(10))).execute()
record = WorkRecord.get()
WorkContributor.insert_many((dict(record=record,
orcid="123112311231%d" % i,
name="Test_%d" % i,
contributor_sequence="%d" % i,
role="Test_%d" % i)
for i in range(10))).execute()
WorkExternalId.insert_many((dict(record=record,
type="Test_%d" % i,
value="Test_%d" % i,
url="Test_%d" % i,
relationship="Test_%d" % i)
for i in range(10))).execute()
WorkInvitee.insert_many((dict(record=record,
orcid="123112311231%d" % i,
first_name="Test_%d" % i,
last_name="Test_%d" % i,
put_code=i,
status="Test_%d" % i,
identifier="%d" % i,
visibility="Test_%d" % i,
email="Test_%d" % i)
for i in range(10))).execute()
yield testdb
def test_user_org_link_org_constraint(models):
user = User.select().limit(1).first()
from peewee import IntegrityError
with pytest.raises(IntegrityError):
UserOrg.create(user=user, org_id=999999)
def test_user_count(test_models):
assert User.select().count() == 63
def test_org_webhook(client, mocker):
"""Test Organisation webhooks."""
mocker.patch.object(
utils.requests,
"post",
lambda *args, **kwargs: SimpleObject(
status_code=201,
json=lambda: dict(
access_token="ABC123", refresh_token="REFRESS_ME", expires_in=123456789
),
),
)
mocker.patch.object(
utils.requests, "put", lambda *args, **kwargs: SimpleObject(status_code=201, text="")
)
mocker.patch.object(
utils.requests, "delete", lambda *args, **kwargs: SimpleObject(status_code=204, text="")
)
org = client.data["org"]
admin = org.tech_contact
user = client.data["user"]
mocker.patch.object(utils.register_orcid_webhook, "queue", utils.register_orcid_webhook)
mocker.patch.object(utils.invoke_webhook_handler, "queue", utils.invoke_webhook_handler)
utils.enable_org_webhook(org)
assert org.webhook_enabled
assert org.users.where(User.orcid.is_null(False), User.webhook_enabled).count() > 0
utils.disable_org_webhook(org)
assert not org.webhook_enabled
assert org.users.where(User.orcid.is_null(False), User.webhook_enabled).count() == 0
resp = client.login(admin)
resp = client.post(f"/services/{user.id}/updated")
send_email = mocker.patch.object(utils, "send_email")
send_email.assert_not_called()
assert not Organisation.get(org.id).webhook_enabled
resp = client.post(
"/settings/webhook", data=dict(webhook_url="https://ORG.org/HANDLE", webhook_enabled="y")
)
assert Organisation.get(org.id).webhook_enabled
assert resp.status_code == 200
resp = client.post(f"/services/{user.id}/updated")
send_email.assert_not_called()
assert resp.status_code == 204
assert not Organisation.get(org.id).email_notifications_enabled
resp = client.post(
"/settings/webhook",
data=dict(
webhook_url="https://ORG.org/HANDLE",
webhook_enabled="y",
email_notifications_enabled="y",
),
)
assert Organisation.get(org.id).email_notifications_enabled
assert resp.status_code == 200
resp = client.post(f"/services/{user.id}/updated")
send_email.assert_called()
assert resp.status_code == 204
post = mocker.patch.object(utils.requests, "post", return_value=Mock(status_code=204))
for u in User.select().where(
User.organisation == user.organisation, User.orcid.is_null(False)
):
post.reset_mock()
send_email.reset_mock()
resp = client.post(f"/services/{u.id}/updated")
send_email.assert_called()
post.assert_called()
assert resp.status_code == 204
# Enable only email notification:
resp = client.post(
"/settings/webhook", data=dict(webhook_enabled="", email_notifications_enabled="")
)
assert resp.status_code == 200
assert not Organisation.get(org.id).email_notifications_enabled
resp = client.post(
"/settings/webhook",
data=dict(webhook_url="", webhook_enabled="", email_notifications_enabled="y"),
)
assert Organisation.get(org.id).email_notifications_enabled
assert resp.status_code == 200
post.reset_mock()
send_email.reset_mock()
resp = client.post(f"/services/{user.id}/updated")
send_email.assert_called()
post.assert_not_called()
assert resp.status_code == 204
# Test update summary:
mocker.patch.object(utils.send_orcid_update_summary, "queue", utils.send_orcid_update_summary)
send_email.reset_mock()
utils.send_orcid_update_summary()
send_email.assert_not_called()
utils.send_orcid_update_summary(org.id)
send_email.assert_not_called()
utils.send_orcid_update_summary(9999999)
send_email.assert_not_called()
user.orcid_updated_at = utils.date.today().replace(day=1) - utils.timedelta(days=1)
user.save()
utils.send_orcid_update_summary()
send_email.assert_called()
send_email.reset_mock()
org.notification_email = "*****@*****.**"
org.save()
utils.send_orcid_update_summary()
send_email.assert_called_once()
resp = client.post("/settings/webhook", data=dict(save_webhook="Save"))
assert resp.status_code == 200
assert not Organisation.get(org.id).webhook_enabled
assert not Organisation.get(org.id).email_notifications_enabled
def test_onboard_org(client):
"""Test to organisation onboarding."""
org = Organisation.create(name="THE ORGANISATION:test_onboard_org",
tuakiri_name="THE ORGANISATION:test_onboard_org",
confirmed=False,
orcid_client_id="CLIENT ID",
orcid_secret="Client Secret",
city="CITY",
country="COUNTRY",
disambiguated_id="ID",
disambiguation_source="RINGGOLD",
is_email_sent=True)
u = User.create(email="*****@*****.**",
name="TEST USER",
roles=Role.TECHNICAL,
orcid="123",
confirmed=True,
organisation=org)
second_user = User.create(email="*****@*****.**",
name="TEST USER",
roles=Role.ADMIN,
orcid="1243",
confirmed=True,
organisation=org)
UserOrg.create(user=second_user, org=org, is_admin=True)
org_info = OrgInfo.create(name="A NEW ORGANISATION",
tuakiri_name="A NEW ORGANISATION")
org.tech_contact = u
org_info.save()
org.save()
client.login_root()
with patch("orcid_hub.utils.send_email"):
resp = client.post("/invite/organisation",
data=dict(org_name="A NEW ORGANISATION",
org_email="*****@*****.**"),
follow_redirects=True)
assert User.select().where(
User.email == "*****@*****.**").exists()
resp = client.post("/invite/organisation",
data=dict(org_name="A NEW ORGANISATION",
org_email="*****@*****.**",
tech_contact='y'),
follow_redirects=True)
assert User.select().where(
User.email == "*****@*****.**").exists()
org = Organisation.get(name="A NEW ORGANISATION")
user = User.get(email="*****@*****.**")
assert user.name is None
assert org.tech_contact == user
client.logout()
resp = client.login(user,
**{
"Sn": "TECHNICAL",
"Givenname": "CONTACT",
"Displayname": "Test User",
"shib_O": "NEW ORGANISATION"
},
follow_redirects=True)
user = User.get(email="*****@*****.**")
org = user.organisation
assert user.is_tech_contact_of(org)
resp = client.get("/confirm/organisation")
assert resp.status_code == 200
org = Organisation.get(org.id)
assert b"<!DOCTYPE html>" in resp.data, "Expected HTML content"
assert b"Take me to ORCID to obtain my Client ID and Client Secret" in resp.data
with patch("orcid_hub.authcontroller.requests") as requests:
requests.post.return_value = Mock(data=b'XXXX', status_code=200)
resp = client.post("/confirm/organisation",
data={
"orcid_client_id": "APP-1234567890ABCDEF",
"orcid_secret":
"12345678-1234-1234-1234-1234567890ab",
"country": "NZ",
"city": "Auckland",
"disambiguated_id": "XYZ123",
"disambiguation_source": "RINGGOLD",
"name": org.name,
"email": user.email,
})
assert resp.status_code == 302
url = urlparse(resp.location).path
assert url == "/link"
resp = client.get(url)
client.logout()
org = Organisation.get(org.id)
assert org.disambiguated_id == "XYZ123"
assert org.disambiguation_source == "RINGGOLD"
assert org.orcid_client_id == "APP-1234567890ABCDEF"
assert org.orcid_secret == "12345678-1234-1234-1234-1234567890ab"
user = User.get(email="*****@*****.**")
resp = client.login(user,
**{
"Sn": "NEW ORGANISATION",
"Givenname": "ADMINISTRATOR",
"Displayname": "Admin User",
"shib_O": "NEW ORGANISATION"
},
follow_redirects=True)
assert b"Take me to ORCID to allow A NEW ORGANISATION permission to access my ORCID record" in resp.data
resp = client.get("/confirm/organisation")
assert resp.status_code == 302
assert urlparse(resp.location).path == "/admin/viewmembers/"
resp = client.get("/admin/viewmembers/")
assert b"*****@*****.**" in resp.data
resp = client.get("/admin/viewmembers/export/csv/")
assert resp.headers["Content-Type"] == "text/csv; charset=utf-8"
assert b"*****@*****.**" in resp.data
assert b"*****@*****.**" in resp.data