class TestDataverseRestrictions(DataverseAddonTestCase, OsfTestCase):
def setUp(self):
super(DataverseAddonTestCase, self).setUp()
# Nasty contributor who will try to access content that he shouldn't
# have access to
self.contrib = AuthUserFactory()
self.project.add_contributor(self.contrib, auth=Auth(self.user))
self.project.save()
@mock.patch('addons.dataverse.views.client.connect_from_settings')
def test_restricted_set_dataset_not_owner(self, mock_connection):
mock_connection.return_value = create_mock_connection()
# Contributor has dataverse auth, but is not the node authorizer
self.contrib.add_addon('dataverse')
self.contrib.save()
url = api_url_for('dataverse_set_config', pid=self.project._primary_key)
params = {
'dataverse': {'alias': 'ALIAS1'},
'dataset': {'doi': 'doi:12.3456/DVN/00002'},
}
res = self.app.post_json(url, params, auth=self.contrib.auth,
expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
def test_many_users_each_with_the_same_github_enabled(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
def test_github_enabled_not_linked_or_authorized(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_s3_set_bucket_no_auth(self):
user = AuthUserFactory()
user.add_addon('s3')
self.project.add_contributor(user, save=True)
url = self.project.api_url_for('s3_set_config')
res = self.app.put_json(
url, {'s3_bucket': 'hammertofall'}, auth=user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.FORBIDDEN)
def test_many_users_each_with_a_different_github(self):
user = AuthUserFactory()
user.add_addon('github')
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
user.external_accounts.add(oauth_settings2)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_import_auth_cant_write_node(self):
ea = self.ExternalAccountFactory()
user = AuthUserFactory()
user.add_addon(self.ADDON_SHORT_NAME, auth=Auth(user))
user.external_accounts.add(ea)
user.save()
node = ProjectFactory(creator=self.user)
node.add_contributor(user, permissions=[permissions.READ], auth=self.auth, save=True)
node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth)
node.save()
url = node.api_url_for('{0}_import_auth'.format(self.ADDON_SHORT_NAME))
res = self.app.put_json(url, {
'external_account_id': ea._id
}, auth=user.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
class TestRestrictions(BoxAddonTestCase, OsfTestCase):
def setUp(self):
super(BoxAddonTestCase, self).setUp()
# Nasty contributor who will try to access folders that he shouldn't have
# access to
self.contrib = AuthUserFactory()
self.project.add_contributor(self.contrib, auth=Auth(self.user))
self.project.save()
self.user.add_addon('box')
settings = self.user.get_addon('box')
settings.access_token = '12345abc'
settings.last_refreshed = timezone.now()
settings.save()
self.patcher = mock.patch('addons.box.models.NodeSettings.fetch_folder_name')
self.patcher.return_value = 'foo bar/baz'
self.patcher.start()
@mock.patch('addons.box.models.NodeSettings.has_auth')
def test_restricted_hgrid_data_contents(self, mock_auth):
mock_auth.__get__ = mock.Mock(return_value=False)
# tries to access a parent folder
url = self.project.api_url_for('box_folder_list',
path='foo bar')
res = self.app.get(url, auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, httplib.FORBIDDEN)
def test_restricted_config_contrib_no_addon(self):
url = api_url_for('box_set_config', pid=self.project._primary_key)
res = self.app.put_json(url, {'selected': {'path': 'foo'}},
auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, httplib.BAD_REQUEST)
def test_restricted_config_contrib_not_owner(self):
# Contributor has box auth, but is not the node authorizer
self.contrib.add_addon('box')
self.contrib.save()
url = api_url_for('box_set_config', pid=self.project._primary_key)
res = self.app.put_json(url, {'selected': {'path': 'foo'}},
auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, httplib.FORBIDDEN)
class TestRestrictions(DropboxAddonTestCase, OsfTestCase):
def setUp(self):
super(DropboxAddonTestCase, self).setUp()
# Nasty contributor who will try to access folders that he shouldn't have
# access to
self.contrib = AuthUserFactory()
self.project.add_contributor(self.contrib, auth=Auth(self.user))
self.project.save()
# Set shared folder
self.node_settings.folder = 'foo bar/bar'
self.node_settings.save()
@mock.patch('addons.dropbox.models.Dropbox.files_list_folder')
def test_restricted_folder_list(self, mock_metadata):
mock_metadata.return_value = MockListFolderResult()
# tries to access a parent folder
url = self.project.api_url_for('dropbox_folder_list',
path='foo bar')
res = self.app.get(url, auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
def test_restricted_config_contrib_no_addon(self):
url = self.project.api_url_for('dropbox_set_config')
res = self.app.put_json(url, {'selected': {'path': 'foo'}},
auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_restricted_config_contrib_not_owner(self):
# Contributor has dropbox auth, but is not the node authorizer
self.contrib.add_addon('dropbox')
self.contrib.save()
url = self.project.api_url_for('dropbox_set_config')
res = self.app.put_json(url, {'selected': {'path': 'foo'}},
auth=self.contrib.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
class TestNodeFilesListFiltering(ApiTestCase):
def setUp(self):
super(TestNodeFilesListFiltering, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
# Prep HTTP mocks
prepare_mock_wb_response(node=self.project,
provider='github',
files=[
{
'name': 'abc',
'path': '/abc/',
'materialized': '/abc/',
'kind': 'folder'
},
{
'name': 'xyz',
'path': '/xyz',
'materialized': '/xyz',
'kind': 'file'
},
])
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
@responses.activate
def test_node_files_are_filterable_by_name(self):
url = '/{}nodes/{}/files/github/?filter[name]=xyz'.format(
API_BASE, self.project._id)
self.add_github()
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'abc'
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'abc'
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
@responses.activate
def test_node_files_filter_by_name_case_insensitive(self):
url = '/{}nodes/{}/files/github/?filter[name]=XYZ'.format(
API_BASE, self.project._id)
self.add_github()
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
# filters out 'abc', but finds 'xyz'
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
# filters out 'abc', but finds 'xyz'
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
@responses.activate
def test_node_files_are_filterable_by_path(self):
url = '/{}nodes/{}/files/github/?filter[path]=abc'.format(
API_BASE, self.project._id)
self.add_github()
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
@responses.activate
def test_node_files_are_filterable_by_kind(self):
url = '/{}nodes/{}/files/github/?filter[kind]=folder'.format(
API_BASE, self.project._id)
self.add_github()
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
@responses.activate
def test_node_files_external_provider_can_filter_by_last_touched(self):
yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
self.add_github()
url = '/{}nodes/{}/files/github/?filter[last_touched][gt]={}'.format(
API_BASE, self.project._id, yesterday_stamp.isoformat())
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 2)
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 2)
def test_node_files_osfstorage_cannot_filter_by_last_touched(self):
yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
self.file = api_utils.create_test_file(self.project, self.user)
url = '/{}nodes/{}/files/osfstorage/?filter[last_touched][gt]={}'.format(
API_BASE, self.project._id, yesterday_stamp.isoformat())
# test create
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(len(res.json['errors']), 1)
# test get
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(len(res.json['errors']), 1)
class TestNodeFilesListPagination(ApiTestCase):
def setUp(self):
super(TestNodeFilesListPagination, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
httpretty.enable()
def tearDown(self):
super(TestNodeFilesListPagination, self).tearDown()
httpretty.disable()
httpretty.reset()
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
addon.user_settings.save()
def check_file_order(self, resp):
previous_file_name = 0
for file in resp.json['data']:
int_file_name = int(file['attributes']['name'])
assert int_file_name > previous_file_name, 'Files were not in order'
previous_file_name = int_file_name
def test_node_files_are_sorted_correctly(self):
prepare_mock_wb_response(
node=self.project,
provider='github',
files=[
{'name': '01', 'path': '/01/', 'materialized': '/01/', 'kind': 'folder'},
{'name': '02', 'path': '/02', 'materialized': '/02', 'kind': 'file'},
{'name': '03', 'path': '/03/', 'materialized': '/03/', 'kind': 'folder'},
{'name': '04', 'path': '/04', 'materialized': '/04', 'kind': 'file'},
{'name': '05', 'path': '/05/', 'materialized': '/05/', 'kind': 'folder'},
{'name': '06', 'path': '/06', 'materialized': '/06', 'kind': 'file'},
{'name': '07', 'path': '/07/', 'materialized': '/07/', 'kind': 'folder'},
{'name': '08', 'path': '/08', 'materialized': '/08', 'kind': 'file'},
{'name': '09', 'path': '/09/', 'materialized': '/09/', 'kind': 'folder'},
{'name': '10', 'path': '/10', 'materialized': '/10', 'kind': 'file'},
{'name': '11', 'path': '/11/', 'materialized': '/11/', 'kind': 'folder'},
{'name': '12', 'path': '/12', 'materialized': '/12', 'kind': 'file'},
{'name': '13', 'path': '/13/', 'materialized': '/13/', 'kind': 'folder'},
{'name': '14', 'path': '/14', 'materialized': '/14', 'kind': 'file'},
{'name': '15', 'path': '/15/', 'materialized': '/15/', 'kind': 'folder'},
{'name': '16', 'path': '/16', 'materialized': '/16', 'kind': 'file'},
{'name': '17', 'path': '/17/', 'materialized': '/17/', 'kind': 'folder'},
{'name': '18', 'path': '/18', 'materialized': '/18', 'kind': 'file'},
{'name': '19', 'path': '/19/', 'materialized': '/19/', 'kind': 'folder'},
{'name': '20', 'path': '/20', 'materialized': '/20', 'kind': 'file'},
{'name': '21', 'path': '/21/', 'materialized': '/21/', 'kind': 'folder'},
{'name': '22', 'path': '/22', 'materialized': '/22', 'kind': 'file'},
{'name': '23', 'path': '/23/', 'materialized': '/23/', 'kind': 'folder'},
{'name': '24', 'path': '/24', 'materialized': '/24', 'kind': 'file'},
]
)
self.add_github()
url = '/{}nodes/{}/files/github/?page[size]=100'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth)
self.check_file_order(res)
class TestNodeFilesList(ApiTestCase):
def setUp(self):
super(TestNodeFilesList, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.private_url = '/{}nodes/{}/files/'.format(API_BASE, self.project._id)
self.user_two = AuthUserFactory()
self.public_project = ProjectFactory(creator=self.user, is_public=True)
self.public_url = '/{}nodes/{}/files/'.format(API_BASE, self.public_project._id)
httpretty.enable()
def tearDown(self):
super(TestNodeFilesList, self).tearDown()
httpretty.disable()
httpretty.reset()
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
addon.user_settings.save()
def _prepare_mock_wb_response(self, node=None, **kwargs):
prepare_mock_wb_response(node=node or self.project, **kwargs)
def test_returns_public_files_logged_out(self):
res = self.app.get(self.public_url, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_public_files_logged_in(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')
def test_returns_storage_addons_link(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_in('storage_addons', res.json['data'][0]['links'])
def test_returns_file_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_file('NewFile')
fobj.save()
res = self.app.get('{}osfstorage/{}'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_true(isinstance(res.json['data'], dict))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data']['attributes']['kind'], 'file')
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
def test_returns_osfstorage_folder_version_two(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url), auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_returns_osf_storage_folder_version_two_point_two(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/?version=2.2'.format(self.private_url), auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_list_returns_folder_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')
def test_returns_folder_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/{}/'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 0)
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_private_files_logged_out(self):
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_in('detail', res.json['errors'][0])
def test_returns_private_files_logged_in_contributor(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')
def test_returns_private_files_logged_in_non_contributor(self):
res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_returns_addon_folders(self):
user_auth = Auth(self.user)
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
addon.user_settings.save()
res = self.app.get(self.private_url, auth=self.user.auth)
data = res.json['data']
providers = [item['attributes']['provider'] for item in data]
assert_equal(len(data), 2)
assert_in('github', providers)
assert_in('osfstorage', providers)
def test_returns_node_files_list(self):
self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}])
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
def test_returns_node_file(self):
self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], folder=False, path='/file')
self.add_github()
url = '/{}nodes/{}/files/github/file'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
def test_notfound_node_file_returns_folder(self):
self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], path='/file')
url = '/{}nodes/{}/files/github/file'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 404)
def test_notfound_node_folder_returns_file(self):
self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], folder=False, path='/')
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 404)
def test_waterbutler_server_error_returns_503(self):
self._prepare_mock_wb_response(status_code=500)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 503)
def test_waterbutler_invalid_data_returns_503(self):
wb_url = waterbutler_api_url_for(self.project._id, provider='github', path='/', meta=True)
self.add_github()
httpretty.register_uri(
httpretty.GET,
wb_url,
body=json.dumps({}),
status=400
)
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
def test_handles_unauthenticated_waterbutler_request(self):
self._prepare_mock_wb_response(status_code=401)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_handles_notfound_waterbutler_request(self):
invalid_provider = 'gilkjadsflhub'
self._prepare_mock_wb_response(status_code=404, provider=invalid_provider)
url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id, invalid_provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
assert_in('detail', res.json['errors'][0])
def test_handles_request_to_provider_not_configured_on_project(self):
provider = 'box'
url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id, provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_false(self.project.get_addon(provider))
assert_equal(res.status_code, 404)
assert_equal(res.json['errors'][0]['detail'], 'The {} provider is not configured for this project.'.format(provider))
def test_handles_bad_waterbutler_request(self):
wb_url = waterbutler_api_url_for(self.project._id, provider='github', path='/', meta=True)
httpretty.register_uri(
httpretty.GET,
wb_url,
body=json.dumps({}),
status=418
)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
assert_in('detail', res.json['errors'][0])
def test_files_list_contains_relationships_object(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert 'relationships' in res.json['data'][0]
class TestNodeFilesList(ApiTestCase):
def setUp(self):
super(TestNodeFilesList, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.private_url = '/{}nodes/{}/files/'.format(
API_BASE, self.project._id)
self.user_two = AuthUserFactory()
self.public_project = ProjectFactory(creator=self.user, is_public=True)
self.public_url = '/{}nodes/{}/files/'.format(API_BASE, self.public_project._id)
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {
oauth_settings._id: []}
addon.user_settings.save()
def view_only_link(self):
private_link = PrivateLinkFactory(creator=self.user)
private_link.nodes.add(self.project)
private_link.save()
return private_link
def _prepare_mock_wb_response(self, node=None, **kwargs):
prepare_mock_wb_response(node=node or self.project, **kwargs)
def test_returns_public_files_logged_out(self):
res = self.app.get(self.public_url, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(
res.json['data'][0]['attributes']['provider'],
'osfstorage'
)
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_public_files_logged_in(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(
res.json['data'][0]['attributes']['provider'],
'osfstorage'
)
def test_returns_storage_addons_link(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_in('storage_addons', res.json['data'][0]['links'])
def test_returns_file_data(self):
fobj = self.project.get_addon(
'osfstorage').get_root().append_file('NewFile')
fobj.save()
res = self.app.get(
'{}osfstorage/{}'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_true(isinstance(res.json['data'], dict))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data']['attributes']['kind'], 'file')
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
def test_returns_osfstorage_folder_version_two(self):
fobj = self.project.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get(
'{}osfstorage/'.format(self.private_url), auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_returns_osf_storage_folder_version_two_point_two(self):
fobj = self.project.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get(
'{}osfstorage/?version=2.2'.format(self.private_url), auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_list_returns_folder_data(self):
fobj = self.project.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get(
'{}osfstorage/'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')
def test_returns_folder_data(self):
fobj = self.project.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get(
'{}osfstorage/{}/'.format(self.private_url, fobj._id), auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 0)
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_private_files_logged_out(self):
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_in('detail', res.json['errors'][0])
def test_returns_private_files_logged_in_contributor(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(len(res.json['data']), 1)
assert_equal(
res.json['data'][0]['attributes']['provider'],
'osfstorage'
)
def test_returns_private_files_logged_in_non_contributor(self):
res = self.app.get(
self.private_url,
auth=self.user_two.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_returns_addon_folders(self):
user_auth = Auth(self.user)
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(len(res.json['data']), 1)
assert_equal(
res.json['data'][0]['attributes']['provider'],
'osfstorage'
)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {
oauth_settings._id: []}
addon.user_settings.save()
res = self.app.get(self.private_url, auth=self.user.auth)
data = res.json['data']
providers = [item['attributes']['provider'] for item in data]
assert_equal(len(data), 2)
assert_in('github', providers)
assert_in('osfstorage', providers)
@responses.activate
def test_vol_node_files_list(self):
self._prepare_mock_wb_response(
provider='github', files=[{'name': 'NewFile'}])
self.add_github()
vol = self.view_only_link()
url = '/{}nodes/{}/files/github/?view_only={}'.format(
API_BASE, self.project._id, vol.key)
res = self.app.get(url, auth=self.user_two.auth)
wb_request = responses.calls[-1].request
url = furl.furl(wb_request.url)
assert_equal(url.query, 'meta=True&view_only={}'.format(unicode(vol.key, 'utf-8')))
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
assert_in(vol.key, res.json['data'][0]['links']['info'])
assert_in(vol.key, res.json['data'][0]['links']['move'])
assert_in(vol.key, res.json['data'][0]['links']['upload'])
assert_in(vol.key, res.json['data'][0]['links']['download'])
assert_in(vol.key, res.json['data'][0]['links']['delete'])
@responses.activate
def test_returns_node_files_list(self):
self._prepare_mock_wb_response(
provider='github', files=[{'name': 'NewFile'}])
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
@responses.activate
def test_returns_folder_metadata_not_children(self):
folder = GithubFolder(
name='Folder',
target=self.project,
path='/Folder/'
)
folder.save()
self._prepare_mock_wb_response(provider='github', files=[{'name': 'Folder'}], path='/Folder/')
self.add_github()
url = '/{}nodes/{}/files/github/Folder/'.format(API_BASE, self.project._id)
res = self.app.get(url, params={'info': ''}, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['kind'], 'folder')
assert_equal(res.json['data'][0]['attributes']['name'], 'Folder')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
@responses.activate
def test_returns_node_file(self):
self._prepare_mock_wb_response(
provider='github', files=[{'name': 'NewFile'}],
folder=False, path='/file')
self.add_github()
url = '/{}nodes/{}/files/github/file'.format(
API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
# test create
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
# test get
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
@responses.activate
def test_notfound_node_file_returns_folder(self):
self._prepare_mock_wb_response(
provider='github', files=[{'name': 'NewFile'}],
path='/file')
url = '/{}nodes/{}/files/github/file'.format(
API_BASE, self.project._id)
res = self.app.get(
url, auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 404)
@responses.activate
def test_notfound_node_folder_returns_file(self):
self._prepare_mock_wb_response(
provider='github', files=[{'name': 'NewFile'}],
folder=False, path='/')
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(
url, auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 404)
@responses.activate
def test_waterbutler_server_error_returns_503(self):
self._prepare_mock_wb_response(status_code=500)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(
url, auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 503)
@responses.activate
def test_waterbutler_invalid_data_returns_503(self):
wb_url = waterbutler_api_url_for(self.project._id, _internal=True, provider='github', path='/', meta=True)
self.add_github()
responses.add(
responses.Response(
responses.GET,
wb_url,
body=json.dumps({}),
status=400
)
)
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
@responses.activate
def test_handles_unauthenticated_waterbutler_request(self):
self._prepare_mock_wb_response(status_code=401)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
@responses.activate
def test_handles_notfound_waterbutler_request(self):
invalid_provider = 'gilkjadsflhub'
self._prepare_mock_wb_response(
status_code=404, provider=invalid_provider)
url = '/{}nodes/{}/files/{}/'.format(API_BASE,
self.project._id, invalid_provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
assert_in('detail', res.json['errors'][0])
def test_handles_request_to_provider_not_configured_on_project(self):
provider = 'box'
url = '/{}nodes/{}/files/{}/'.format(
API_BASE, self.project._id, provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_false(self.project.get_addon(provider))
assert_equal(res.status_code, 404)
assert_equal(
res.json['errors'][0]['detail'],
'The {} provider is not configured for this project.'.format(provider))
@responses.activate
def test_handles_bad_waterbutler_request(self):
wb_url = waterbutler_api_url_for(self.project._id, _internal=True, provider='github', path='/', meta=True)
responses.add(
responses.Response(
responses.GET,
wb_url,
json={'bad' : 'json'},
status=418
)
)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
assert_in('detail', res.json['errors'][0])
def test_files_list_contains_relationships_object(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert 'relationships' in res.json['data'][0]
class TestAddonCount(OsfTestCase):
def setUp(self):
super(TestAddonCount, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.external_account = GitHubAccountFactory(display_name='hmoco1')
self.user_settings = self.user.get_or_add_addon('github')
self.user_settings.save()
self.user.external_accounts.add(self.external_account)
self.user.save()
self.node.add_addon('github', Auth(self.user))
self.node_addon = self.node.get_addon('github')
self.node_addon.user = self.user.fullname
self.node_addon.repo = '29 #Strafford APTS'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.external_account
self.node_addon.save()
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
def test_run_for_all_addon(self):
results = AddonSnapshot().get_events()
names = [res['provider']['name'] for res in results]
for addon in ADDONS_AVAILABLE:
assert_in(addon.short_name, names)
def test_one_user_one_node_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_one_node_one_addon_one_node_linked(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_with_multiple_githubs(self):
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
self.user.external_accounts.add(oauth_settings2)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 1)
def test_one_user_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 0)
self.user.add_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.add(oauth_settings)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 1)
def test_many_users_each_with_a_different_github(self):
user = AuthUserFactory()
user.add_addon('github')
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
user.external_accounts.add(oauth_settings2)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_many_users_each_with_the_same_github_enabled(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
def test_github_enabled_not_linked_or_authorized(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_one_node_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 0)
self.user.add_addon('googledrive')
user_addon = self.user.get_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.add(oauth_settings)
self.user.save()
self.node.add_addon('googledrive', Auth(self.user))
node_addon = self.node.get_addon('googledrive')
node_addon.user = self.user.fullname
node_addon.user_settings = user_addon
node_addon.external_account = oauth_settings
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
googledrive_res = [
res for res in results if res['provider']['name'] == 'googledrive'
][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 1)
def test_many_nodes_with_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['total'], 1)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.user = self.user.fullname
node_addon.repo = '8 (circle)'
node_addon.user_settings = self.user_addon
node_addon.external_account = self.external_account
node_addon.save()
node.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['total'], 2)
def test_node_count_deleted_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['deleted'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.delete()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['deleted'], 1)
def test_node_count_disconected_addon(self):
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['disconnected'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.external_account = None
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(github_res['nodes']['disconnected'], 1)
def test_all_users_have_wiki_osfstorage_enabled(self):
all_user_count = OSFUser.objects.all().count()
results = AddonSnapshot().get_events()
osfstorage_res = [
res for res in results if res['provider']['name'] == 'osfstorage'
][0]
wiki_res = [
res for res in results if res['provider']['name'] == 'osfstorage'
][0]
assert_equal(osfstorage_res['users']['enabled'], all_user_count)
assert_equal(wiki_res['users']['enabled'], all_user_count)
def test_wiki_deleted_shows_as_deleted(self):
node = ProjectFactory(creator=self.user)
node.delete_addon('wiki', auth=Auth(self.user))
results = AddonSnapshot().get_events()
wiki_res = [
res for res in results if res['provider']['name'] == 'wiki'
][0]
assert_equal(wiki_res['nodes']['deleted'], 1)
def test_node_settings_has_no_owner_not_connected(self):
self.node_addon.owner = None
self.node_addon.save()
results = AddonSnapshot().get_events()
storage_res = [
res for res in results if res['provider']['name'] == 'github'
][0]
assert_equal(storage_res['nodes']['connected'], 0)
class TestViewUtils(OsfTestCase):
def setUp(self):
super(TestViewUtils, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def test_serialize_addons(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[0]['short_name'] == 'github'
assert enabled_addons[1]['short_name'] == 'osfstorage'
default_addons = [addon for addon in addon_dicts if addon['default']]
assert len(default_addons) == 1
assert default_addons[0]['short_name'] == 'osfstorage'
def test_include_template_json(self):
""" Some addons (github, gitlab) need more specialized template infomation so we want to
ensure we get those extra variables that when the addon is enabled.
"""
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[1]['short_name'] == 'osfstorage'
assert enabled_addons[0]['short_name'] == 'github'
assert 'node_has_auth' in enabled_addons[0]
assert 'valid_credentials' in enabled_addons[0]
def test_collect_node_config_js(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
asset_paths = collect_node_config_js(addon_dicts)
# Default addons should be in addon dicts, but they have no js assets because you can't
# connect/disconnect from them, think osfstorage, there's no node-cfg for that.
default_addons = [addon['short_name'] for addon in addon_dicts if addon['default']]
assert not any('/{}/'.format(addon) in asset_paths for addon in default_addons)
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def build_url(self, **kwargs):
options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
action='download',
nid=self.node._id,
provider=self.node_addon.config.short_name), **kwargs),
'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
}, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.app.get(url, auth=self.user.auth)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 200)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.app.get(url, expect_errors=True, auth=self.user.auth)
assert_equal(res.status_code, 400)
@mock.patch('addons.base.views.cas.get_client')
def test_auth_bad_bearer_token(self, mock_cas_client):
mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
url = self.build_url()
res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
assert_equal(res.status_code, 403)
class TestAddonCount(OsfTestCase):
def setUp(self):
super(TestAddonCount, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.external_account = GitHubAccountFactory(display_name='hmoco1')
self.user_settings = self.user.get_or_add_addon('github')
self.user_settings.save()
self.user.external_accounts.add(self.external_account)
self.user.save()
self.node.add_addon('github', Auth(self.user))
self.node_addon = self.node.get_addon('github')
self.node_addon.user = self.user.fullname
self.node_addon.repo = '29 #Strafford APTS'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.external_account
self.node_addon.save()
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
def test_run_for_all_addon(self):
results = AddonSnapshot().get_events()
names = [res['provider']['name'] for res in results]
for addon in ADDONS_AVAILABLE:
assert_in(addon.short_name, names)
def test_one_user_one_node_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_one_node_one_addon_one_node_linked(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(github_res['nodes']['total'], 1)
def test_one_user_with_multiple_githubs(self):
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
self.user.external_accounts.add(oauth_settings2)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 1)
def test_one_user_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 0)
self.user.add_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.add(oauth_settings)
self.user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
assert_equal(github_res['users']['enabled'], 1)
assert_equal(googledrive_res['users']['enabled'], 1)
def test_many_users_each_with_a_different_github(self):
user = AuthUserFactory()
user.add_addon('github')
oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
oauth_settings2.save()
user.external_accounts.add(oauth_settings2)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_many_users_each_with_the_same_github_enabled(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
def test_github_enabled_not_linked_or_authorized(self):
user = AuthUserFactory()
user.add_addon('github')
user.external_accounts.add(self.external_account)
user.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['users']['enabled'], 2)
assert_equal(github_res['users']['authorized'], 1)
assert_equal(github_res['users']['linked'], 1)
def test_one_node_with_multiple_addons(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 0)
self.user.add_addon('googledrive')
user_addon = self.user.get_addon('googledrive')
oauth_settings = GoogleDriveAccountFactory()
oauth_settings.save()
self.user.external_accounts.add(oauth_settings)
self.user.save()
self.node.add_addon('googledrive', Auth(self.user))
node_addon = self.node.get_addon('googledrive')
node_addon.user = self.user.fullname
node_addon.user_settings = user_addon
node_addon.external_account = oauth_settings
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
assert_equal(github_res['nodes']['total'], 1)
assert_equal(googledrive_res['nodes']['total'], 1)
def test_many_nodes_with_one_addon(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['total'], 1)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.user = self.user.fullname
node_addon.repo = '8 (circle)'
node_addon.user_settings = self.user_addon
node_addon.external_account = self.external_account
node_addon.save()
node.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['total'], 2)
def test_node_count_deleted_addon(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['deleted'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.delete()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['deleted'], 1)
def test_node_count_disconected_addon(self):
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['disconnected'], 0)
node = ProjectFactory(creator=self.user)
node.add_addon('github', Auth(self.user))
node_addon = node.get_addon('github')
node_addon.external_account = None
node_addon.save()
results = AddonSnapshot().get_events()
github_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(github_res['nodes']['disconnected'], 1)
def test_all_users_have_wiki_osfstorage_enabled(self):
all_user_count = OSFUser.objects.all().count()
results = AddonSnapshot().get_events()
osfstorage_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0]
wiki_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0]
assert_equal(osfstorage_res['users']['enabled'], all_user_count)
assert_equal(wiki_res['users']['enabled'], all_user_count)
def test_wiki_deleted_shows_as_deleted(self):
node = ProjectFactory(creator=self.user)
node.delete_addon('wiki', auth=Auth(self.user))
results = AddonSnapshot().get_events()
wiki_res = [res for res in results if res['provider']['name'] == 'wiki'][0]
assert_equal(wiki_res['nodes']['deleted'], 1)
def test_node_settings_has_no_owner_not_connected(self):
self.node_addon.owner = None
self.node_addon.save()
results = AddonSnapshot().get_events()
storage_res = [res for res in results if res['provider']['name'] == 'github'][0]
assert_equal(storage_res['nodes']['connected'], 0)
class TestNodeFilesList(ApiTestCase):
def setUp(self):
super(TestNodeFilesList, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.private_url = '/{}nodes/{}/files/'.format(API_BASE,
self.project._id)
self.user_two = AuthUserFactory()
self.public_project = ProjectFactory(creator=self.user, is_public=True)
self.public_url = '/{}nodes/{}/files/'.format(API_BASE,
self.public_project._id)
httpretty.enable()
def tearDown(self):
super(TestNodeFilesList, self).tearDown()
httpretty.disable()
httpretty.reset()
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
def view_only_link(self):
private_link = PrivateLinkFactory(creator=self.user)
private_link.nodes.add(self.project)
private_link.save()
return private_link
def _prepare_mock_wb_response(self, node=None, **kwargs):
prepare_mock_wb_response(node=node or self.project, **kwargs)
def test_returns_public_files_logged_out(self):
res = self.app.get(self.public_url, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_public_files_logged_in(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
def test_returns_storage_addons_link(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_in('storage_addons', res.json['data'][0]['links'])
def test_returns_file_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_file(
'NewFile')
fobj.save()
res = self.app.get('{}osfstorage/{}'.format(self.private_url,
fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_true(isinstance(res.json['data'], dict))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data']['attributes']['kind'], 'file')
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
def test_returns_osfstorage_folder_version_two(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder(
'NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url),
auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_returns_osf_storage_folder_version_two_point_two(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder(
'NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/?version=2.2'.format(
self.private_url),
auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_list_returns_folder_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder(
'NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url, fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')
def test_returns_folder_data(self):
fobj = self.project.get_addon('osfstorage').get_root().append_folder(
'NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/{}/'.format(self.private_url,
fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 0)
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_private_files_logged_out(self):
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_in('detail', res.json['errors'][0])
def test_returns_private_files_logged_in_contributor(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
def test_returns_private_files_logged_in_non_contributor(self):
res = self.app.get(self.private_url,
auth=self.user_two.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_returns_addon_folders(self):
user_auth = Auth(self.user)
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
res = self.app.get(self.private_url, auth=self.user.auth)
data = res.json['data']
providers = [item['attributes']['provider'] for item in data]
assert_equal(len(data), 2)
assert_in('github', providers)
assert_in('osfstorage', providers)
def test_vol_node_files_list(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}])
self.add_github()
vol = self.view_only_link()
url = '/{}nodes/{}/files/github/?view_only={}'.format(
API_BASE, self.project._id, vol.key)
res = self.app.get(url, auth=self.user_two.auth)
wb_request = httpretty.last_request()
assert_equal(wb_request.querystring, {
u'view_only': [unicode(vol.key, 'utf-8')],
u'meta': [u'True']
})
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
def test_returns_node_files_list(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}])
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
def test_returns_node_file(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
folder=False,
path='/file')
self.add_github()
url = '/{}nodes/{}/files/github/file'.format(API_BASE,
self.project._id)
res = self.app.get(
url,
auth=self.user.auth,
headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
# test create
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
# test get
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
def test_notfound_node_file_returns_folder(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
path='/file')
url = '/{}nodes/{}/files/github/file'.format(API_BASE,
self.project._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 404)
def test_notfound_node_folder_returns_file(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
folder=False,
path='/')
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 404)
def test_waterbutler_server_error_returns_503(self):
self._prepare_mock_wb_response(status_code=500)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
assert_equal(res.status_code, 503)
def test_waterbutler_invalid_data_returns_503(self):
wb_url = waterbutler_api_url_for(self.project._id,
provider='github',
path='/',
meta=True)
self.add_github()
httpretty.register_uri(httpretty.GET,
wb_url,
body=json.dumps({}),
status=400)
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
def test_handles_unauthenticated_waterbutler_request(self):
self._prepare_mock_wb_response(status_code=401)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_handles_notfound_waterbutler_request(self):
invalid_provider = 'gilkjadsflhub'
self._prepare_mock_wb_response(status_code=404,
provider=invalid_provider)
url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id,
invalid_provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
assert_in('detail', res.json['errors'][0])
def test_handles_request_to_provider_not_configured_on_project(self):
provider = 'box'
url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id,
provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_false(self.project.get_addon(provider))
assert_equal(res.status_code, 404)
assert_equal(
res.json['errors'][0]['detail'],
'The {} provider is not configured for this project.'.format(
provider))
def test_handles_bad_waterbutler_request(self):
wb_url = waterbutler_api_url_for(self.project._id,
provider='github',
path='/',
meta=True)
httpretty.register_uri(httpretty.GET,
wb_url,
body=json.dumps({}),
status=418)
self.add_github()
url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
assert_in('detail', res.json['errors'][0])
def test_files_list_contains_relationships_object(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert 'relationships' in res.json['data'][0]
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems()
if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, 'perform not called')
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth={'id': None})
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(node.logs.count(), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'}
)
self.node.reload()
assert_equal(
self.node.logs.latest().action,
'github_addon_file_renamed',
)
class TestAddonFileViews(OsfTestCase):
def setUp(self):
super(TestAddonFileViews, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.project.add_addon('github', auth=Auth(self.user))
self.user_addon = self.user.get_addon('github')
self.node_addon = self.project.get_addon('github')
self.oauth = GitHubAccountFactory()
self.oauth.save()
self.user.external_accounts.add(self.oauth)
self.user.save()
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth
self.node_addon.repo = 'Truth'
self.node_addon.user = '******'
self.node_addon.save()
self.user_addon.oauth_grants[self.project._id] = {self.oauth._id: []}
self.user_addon.save()
def get_test_file(self):
version = file_models.FileVersion(identifier='1')
version.save()
ret = GithubFile(
name='Test',
node=self.project,
path='/test/Test',
materialized_path='/test/Test',
)
ret.save()
ret.versions.add(version)
return ret
def get_second_test_file(self):
version = file_models.FileVersion(identifier='1')
version.save()
ret = GithubFile(
name='Test2',
node=self.project,
path='/test/Test2',
materialized_path='/test/Test2',
)
ret.save()
ret.versions.add(version)
return ret
def get_mako_return(self):
ret = serialize_node(self.project, Auth(self.user), primary=True)
ret.update({
'error': '',
'provider': '',
'file_path': '',
'sharejs_uuid': '',
'private': '',
'urls': {
'files': '',
'render': '',
'sharejs': '',
'mfr': '',
'gravatar': '',
'external': '',
'archived_from': '',
},
'size': '',
'extra': '',
'file_name': '',
'materialized_path': '',
'file_id': '',
})
ret.update(rubeus.collect_addon_assets(self.project))
return ret
def test_redirects_to_guid(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github'
),
auth=self.user.auth
)
assert_equals(resp.status_code, 302)
assert_equals(resp.location, 'http://*****:*****@mock.patch('addons.base.views.addon_view_file')
def test_action_view_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/?action=view'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
@mock.patch('addons.base.views.addon_view_file')
def test_no_action_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
def test_download_create_guid(self):
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
),
auth=self.user.auth
)
assert_true(file_node.get_guid())
def test_view_file_does_not_delete_file_when_requesting_invalid_version(self):
with mock.patch('addons.github.models.NodeSettings.is_private',
new_callable=mock.PropertyMock) as mock_is_private:
mock_is_private.return_value = False
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
url = self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
)
# First view generated GUID
self.app.get(url, auth=self.user.auth)
self.app.get(url + '?version=invalid', auth=self.user.auth, expect_errors=True)
assert_is_not_none(StoredFileNode.load(file_node._id))
assert_is_none(TrashedFileNode.load(file_node._id))
def test_unauthorized_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 401)
def test_nonstorage_addons_raise(self):
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path='sillywiki',
provider='wiki',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
def test_head_returns_url(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/'.format(guid._id), auth=self.user.auth)
location = furl.furl(resp.location)
assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, version=''))
def test_head_returns_url_with_version(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/?revision=1&foo=bar'.format(guid._id), auth=self.user.auth)
location = furl.furl(resp.location)
# Note: version is added but us but all other url params are added as well
assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, revision=1, version='', foo='bar'))
def test_nonexistent_addons_raise(self):
path = 'cloudfiles'
self.project.delete_addon('github', Auth(self.user))
self.project.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
def test_unauth_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 401)
def test_delete_action_creates_trashed_file_node(self):
file_node = self.get_test_file()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/Test',
'materialized': '/test/Test'
}
}
views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
assert_false(GithubFileNode.load(file_node._id))
assert_true(TrashedFileNode.load(file_node._id))
def test_delete_action_for_folder_deletes_subfolders_and_creates_trashed_file_nodes(self):
file_node = self.get_test_file()
subfolder = GithubFolder(
name='folder',
node=self.project,
path='/test/folder/',
materialized_path='/test/folder/',
)
subfolder.save()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/',
'materialized': '/test/'
}
}
views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
assert_false(GithubFileNode.load(subfolder._id))
assert_true(TrashedFileNode.load(file_node._id))
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(registered_node, file_node)
view_url = self.project.web_url_for('addon_view_or_download_file', provider=file_node.provider, path=file_node.copied_from._id)
assert_true(archived_from_url)
assert_urls_equal(archived_from_url, view_url)
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url_without_copied_from(self, mock_archive):
file_node = self.get_test_file()
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(registered_node, file_node)
assert_false(archived_from_url)
@mock.patch('website.archiver.tasks.archive')
def test_copied_from_id_trashed(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
trashed_node = second_file_node.delete()
assert_false(trashed_node.copied_from)
@mock.patch('website.archiver.tasks.archive')
def test_missing_modified_date_in_file_data(self, mock_archive):
file_node = self.get_test_file()
file_data = {
'name': 'Test File Update',
'materialized': file_node.materialized_path,
'modified': None
}
file_node.update(revision=None, data=file_data)
assert_equal(len(file_node.history), 1)
assert_equal(file_node.history[0], file_data)
class TestAddonAuth(OsfTestCase):
def setUp(self):
super(TestAddonAuth, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def build_url(self, **kwargs):
options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
action='download',
nid=self.node._id,
provider=self.node_addon.config.short_name), **kwargs),
'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
}, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
return api_url_for('get_auth', **options)
def test_auth_download(self):
url = self.build_url()
res = self.app.get(url, auth=self.user.auth)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_missing_args(self):
url = self.build_url(cookie=None)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_bad_cookie(self):
url = self.build_url(cookie=self.cookie)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 200)
data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
assert_equal(data['auth'], views.make_auth(self.user))
assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
observed_url = furl.furl(data['callback_url'])
observed_url.port = expected_url.port
assert_equal(expected_url, observed_url)
def test_auth_cookie(self):
url = self.build_url(cookie=self.cookie[::-1])
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_auth_missing_addon(self):
url = self.build_url(provider='queenhub')
res = self.app.get(url, expect_errors=True, auth=self.user.auth)
assert_equal(res.status_code, 400)
@mock.patch('addons.base.views.cas.get_client')
def test_auth_bad_bearer_token(self, mock_cas_client):
mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
url = self.build_url()
res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
assert_equal(res.status_code, 403)
class TestAddonLogs(OsfTestCase):
def setUp(self):
super(TestAddonLogs, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
self.configure_addon()
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
self.user_addon.save()
def configure_osf_addon(self):
self.project = ProjectFactory(creator=self.user)
self.node_addon = self.project.get_addon('osfstorage')
self.node_addon.save()
def build_payload(self, metadata, **kwargs):
options = dict(
auth={'id': self.user._id},
action='create',
provider=self.node_addon.config.short_name,
metadata=metadata,
time=time.time() + 1000,
)
options.update(kwargs)
options = {
key: value
for key, value in options.iteritems()
if value is not None
}
message, signature = signing.default_signer.sign_payload(options)
return {
'payload': message,
'signature': signature,
}
@mock.patch('website.notifications.events.files.FileAdded.perform')
def test_add_log(self, mock_perform):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
# # Mocking form_message and perform so that the payload need not be exact.
# assert_true(mock_form_message.called, "form_message not called")
assert_true(mock_perform.called, 'perform not called')
def test_add_log_missing_args(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth=None)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_user(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, auth={'id': None})
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_log_no_addon(self):
path = 'pizza'
node = ProjectFactory(creator=self.user)
url = node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path})
nlogs = node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(node.logs.count(), nlogs)
def test_add_log_bad_action(self):
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'path': path}, action='dance')
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=True,
)
assert_equal(res.status_code, 400)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_action_file_rename(self):
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(
action='rename',
metadata={
'path': 'foo',
},
source={
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'new.txt',
'kind': 'file',
},
destination={
'path': 'foo',
'materialized': 'foo',
'provider': 'github',
'node': {'_id': self.node._id},
'name': 'old.txt',
'kind': 'file',
},
)
self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'}
)
self.node.reload()
assert_equal(
self.node.logs.latest().action,
'github_addon_file_renamed',
)
def test_action_downloads(self):
url = self.node.api_url_for('create_waterbutler_log')
download_actions=('download_file', 'download_zip')
for action in download_actions:
payload = self.build_payload(metadata={'path': 'foo'}, action=action)
nlogs = self.node.logs.count()
res = self.app.put_json(
url,
payload,
headers={'Content-Type': 'application/json'},
expect_errors=False,
)
assert_equal(res.status_code, 200)
self.node.reload()
assert_equal(self.node.logs.count(), nlogs)
def test_add_file_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'file', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' in self.node.logs.filter(action='osf_storage_file_added')[0].params)
def test_add_folder_osfstorage_log(self):
self.configure_osf_addon()
path = 'pizza'
url = self.node.api_url_for('create_waterbutler_log')
payload = self.build_payload(metadata={'materialized': path, 'kind': 'folder', 'path': path})
nlogs = self.node.logs.count()
self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
self.node.reload()
assert_equal(self.node.logs.count(), nlogs + 1)
assert('urls' not in self.node.logs.filter(action='osf_storage_file_added')[0].params)
class TestNodeFilesList(ApiTestCase):
def setUp(self):
super(TestNodeFilesList, self).setUp()
self.user = AuthUserFactory()
self.draft_reg = DraftRegistrationFactory(creator=self.user)
self.draft_node = self.draft_reg.branched_from
self.private_url = '/{}draft_nodes/{}/files/'.format(
API_BASE, self.draft_node._id)
self.user_two = AuthUserFactory()
def add_github(self):
user_auth = Auth(self.user)
self.draft_node.add_addon('github', auth=user_auth)
addon = self.draft_node.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.draft_node.save()
addon.user_settings.oauth_grants[self.draft_node._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
def view_only_link(self):
private_link = PrivateLinkFactory(creator=self.user)
private_link.nodes.add(self.draft_node)
private_link.save()
return private_link
def _prepare_mock_wb_response(self, node=None, **kwargs):
prepare_mock_wb_response(node=node or self.draft_node, **kwargs)
def test_returns_storage_addons_link(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_in('storage_addons', res.json['data'][0]['links'])
def test_returns_file_data(self):
fobj = self.draft_node.get_addon('osfstorage').get_root().append_file(
'NewFile')
fobj.save()
res = self.app.get('{}osfstorage/{}'.format(self.private_url,
fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_true(isinstance(res.json['data'], dict))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data']['attributes']['kind'], 'file')
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
def test_returns_osfstorage_folder_version_two(self):
fobj = self.draft_node.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url),
auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_returns_osf_storage_folder_version_two_point_two(self):
fobj = self.draft_node.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/?version=2.2'.format(
self.private_url),
auth=self.user.auth)
assert_equal(res.status_code, 200)
def test_list_returns_folder_data(self):
fobj = self.draft_node.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/'.format(self.private_url, fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')
def test_returns_folder_data(self):
fobj = self.draft_node.get_addon(
'osfstorage').get_root().append_folder('NewFolder')
fobj.save()
res = self.app.get('{}osfstorage/{}/'.format(self.private_url,
fobj._id),
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 0)
assert_equal(res.content_type, 'application/vnd.api+json')
def test_returns_private_files_logged_out(self):
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_in('detail', res.json['errors'][0])
def test_returns_private_files_logged_in_contributor(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
def test_returns_private_files_logged_in_non_contributor(self):
res = self.app.get(self.private_url,
auth=self.user_two.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
def test_returns_addon_folders(self):
user_auth = Auth(self.user)
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(len(res.json['data']), 1)
assert_equal(res.json['data'][0]['attributes']['provider'],
'osfstorage')
self.draft_node.add_addon('github', auth=user_auth)
addon = self.draft_node.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.draft_node.save()
addon.user_settings.oauth_grants[self.draft_node._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
res = self.app.get(self.private_url, auth=self.user.auth)
data = res.json['data']
providers = [item['attributes']['provider'] for item in data]
assert_equal(len(data), 2)
assert_in('github', providers)
assert_in('osfstorage', providers)
@responses.activate
def test_vol_node_files_list(self):
vol = self.view_only_link()
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
view_only=vol.key)
self.add_github()
url = '/{}draft_nodes/{}/files/github/?view_only={}'.format(
API_BASE, self.draft_node._id, vol.key)
res = self.app.get(url, auth=self.user_two.auth)
wb_request = responses.calls[-1].request
url = furl.furl(wb_request.url)
assert_equal(url.query, 'meta=True&view_only={}'.format(vol.key))
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
assert_in(vol.key, res.json['data'][0]['links']['info'])
assert_in(vol.key, res.json['data'][0]['links']['move'])
assert_in(vol.key, res.json['data'][0]['links']['upload'])
assert_in(vol.key, res.json['data'][0]['links']['download'])
assert_in(vol.key, res.json['data'][0]['links']['delete'])
@responses.activate
def test_returns_node_files_list(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}])
self.add_github()
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
# test create
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
# test get
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
@responses.activate
def test_returns_folder_metadata_not_children(self):
folder = GithubFolder(name='Folder',
target=self.draft_node,
path='/Folder/')
folder.save()
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'Folder'
}],
path='/Folder/')
self.add_github()
url = '/{}draft_nodes/{}/files/github/Folder/'.format(
API_BASE, self.draft_node._id)
res = self.app.get(url, params={'info': ''}, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['kind'], 'folder')
assert_equal(res.json['data'][0]['attributes']['name'], 'Folder')
assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
@responses.activate
def test_returns_node_file(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
folder=False,
path='/file')
self.add_github()
url = '/{}draft_nodes/{}/files/github/file'.format(
API_BASE, self.draft_node._id)
res = self.app.get(
url,
auth=self.user.auth,
headers={
'COOKIE': 'foo=bar;' # Webtests doesnt support cookies?
})
# test create
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
# test get
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['name'], 'NewFile')
assert_equal(res.json['data']['attributes']['provider'], 'github')
@responses.activate
def test_notfound_node_file_returns_folder(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
path='/file')
url = '/{}draft_nodes/{}/files/github/file'.format(
API_BASE, self.draft_node._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 404)
@responses.activate
def test_notfound_node_folder_returns_file(self):
self._prepare_mock_wb_response(provider='github',
files=[{
'name': 'NewFile'
}],
folder=False,
path='/')
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 404)
@responses.activate
def test_waterbutler_server_error_returns_503(self):
self._prepare_mock_wb_response(status_code=500)
self.add_github()
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
res = self.app.get(
url,
auth=self.user.auth,
expect_errors=True,
headers={'COOKIE': 'foo=bar;'} # Webtests doesnt support cookies?
)
assert_equal(res.status_code, 503)
@responses.activate
def test_waterbutler_invalid_data_returns_503(self):
wb_url = waterbutler_api_url_for(
self.draft_node._id,
_internal=True,
provider='github',
path='/',
meta=True,
base_url=self.draft_node.osfstorage_region.waterbutler_url)
self.add_github()
responses.add(
responses.Response(responses.GET,
wb_url,
body=json.dumps({}),
status=400))
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
@responses.activate
def test_handles_unauthenticated_waterbutler_request(self):
self._prepare_mock_wb_response(status_code=401)
self.add_github()
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_in('detail', res.json['errors'][0])
@responses.activate
def test_handles_notfound_waterbutler_request(self):
invalid_provider = 'gilkjadsflhub'
self._prepare_mock_wb_response(status_code=404,
provider=invalid_provider)
url = '/{}draft_nodes/{}/files/{}/'.format(API_BASE,
self.draft_node._id,
invalid_provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
assert_in('detail', res.json['errors'][0])
def test_handles_request_to_provider_not_configured_on_project(self):
provider = 'box'
url = '/{}draft_nodes/{}/files/{}/'.format(API_BASE,
self.draft_node._id,
provider)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_false(self.draft_node.get_addon(provider))
assert_equal(res.status_code, 404)
assert_equal(
res.json['errors'][0]['detail'],
'The {} provider is not configured for this project.'.format(
provider))
@responses.activate
def test_handles_bad_waterbutler_request(self):
wb_url = waterbutler_api_url_for(
self.draft_node._id,
_internal=True,
provider='github',
path='/',
meta=True,
base_url=self.draft_node.osfstorage_region.waterbutler_url)
responses.add(
responses.Response(responses.GET,
wb_url,
json={'bad': 'json'},
status=418))
self.add_github()
url = '/{}draft_nodes/{}/files/github/'.format(API_BASE,
self.draft_node._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 503)
assert_in('detail', res.json['errors'][0])
def test_files_list_contains_relationships_object(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert 'relationships' in res.json['data'][0]
class TestAddonFileViews(OsfTestCase):
def setUp(self):
super(TestAddonFileViews, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.user.add_addon('github')
self.project.add_addon('github', auth=Auth(self.user))
self.user_addon = self.user.get_addon('github')
self.node_addon = self.project.get_addon('github')
self.oauth = GitHubAccountFactory()
self.oauth.save()
self.user.external_accounts.add(self.oauth)
self.user.save()
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth
self.node_addon.repo = 'Truth'
self.node_addon.user = '******'
self.node_addon.save()
self.user_addon.oauth_grants[self.project._id] = {self.oauth._id: []}
self.user_addon.save()
def set_sentry(status):
def wrapper(func):
@functools.wraps(func)
def wrapped(*args, **kwargs):
enabled, sentry.enabled = sentry.enabled, status
func(*args, **kwargs)
sentry.enabled = enabled
return wrapped
return wrapper
with_sentry = set_sentry(True)
def get_test_file(self):
version = file_models.FileVersion(identifier='1')
version.save()
ret = GithubFile(
name='Test',
node=self.project,
path='/test/Test',
materialized_path='/test/Test',
)
ret.save()
ret.versions.add(version)
return ret
def get_second_test_file(self):
version = file_models.FileVersion(identifier='1')
version.save()
ret = GithubFile(
name='Test2',
node=self.project,
path='/test/Test2',
materialized_path='/test/Test2',
)
ret.save()
ret.versions.add(version)
return ret
def get_mako_return(self):
ret = serialize_node(self.project, Auth(self.user), primary=True)
ret.update({
'error': '',
'provider': '',
'file_path': '',
'sharejs_uuid': '',
'private': '',
'urls': {
'files': '',
'render': '',
'sharejs': '',
'mfr': '',
'profile_image': '',
'external': '',
'archived_from': '',
},
'size': '',
'extra': '',
'file_name': '',
'materialized_path': '',
'file_id': '',
})
ret.update(rubeus.collect_addon_assets(self.project))
return ret
def test_redirects_to_guid(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github'
),
auth=self.user.auth
)
assert_equals(resp.status_code, 302)
assert_equals(resp.location, 'http://*****:*****@mock.patch('addons.base.views.addon_view_file')
def test_action_view_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/?action=view'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
@mock.patch('addons.base.views.addon_view_file')
def test_no_action_calls_view_file(self, mock_view_file):
self.user.reload()
self.project.reload()
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
mock_view_file.return_value = self.get_mako_return()
self.app.get('/{}/'.format(guid._id), auth=self.user.auth)
args, kwargs = mock_view_file.call_args
assert_equals(kwargs, {})
assert_equals(args[0].user._id, self.user._id)
assert_equals(args[1], self.project)
assert_equals(args[2], file_node)
assert_true(isinstance(args[3], file_node.touch(None).__class__))
def test_download_create_guid(self):
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
),
auth=self.user.auth
)
assert_true(file_node.get_guid())
def test_view_file_does_not_delete_file_when_requesting_invalid_version(self):
with mock.patch('addons.github.models.NodeSettings.is_private',
new_callable=mock.PropertyMock) as mock_is_private:
mock_is_private.return_value = False
file_node = self.get_test_file()
assert_is(file_node.get_guid(), None)
url = self.project.web_url_for(
'addon_view_or_download_file',
path=file_node.path.strip('/'),
provider='github',
)
# First view generated GUID
self.app.get(url, auth=self.user.auth)
self.app.get(url + '?version=invalid', auth=self.user.auth, expect_errors=True)
assert_is_not_none(BaseFileNode.load(file_node._id))
assert_is_none(TrashedFileNode.load(file_node._id))
def test_unauthorized_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 401)
def test_nonstorage_addons_raise(self):
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path='sillywiki',
provider='wiki',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
def test_head_returns_url_and_redriect(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/'.format(guid._id), auth=self.user.auth)
location = furl.furl(resp.location)
assert_equals(resp.status_code, 302)
assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, version=''))
def test_head_returns_url_with_version_and_redirect(self):
file_node = self.get_test_file()
guid = file_node.get_guid(create=True)
resp = self.app.head('/{}/?revision=1&foo=bar'.format(guid._id), auth=self.user.auth)
location = furl.furl(resp.location)
# Note: version is added but us but all other url params are added as well
assert_equals(resp.status_code, 302)
assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, revision=1, version='', foo='bar'))
def test_nonexistent_addons_raise(self):
path = 'cloudfiles'
self.project.delete_addon('github', Auth(self.user))
self.project.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 400)
def test_unauth_addons_raise(self):
path = 'cloudfiles'
self.node_addon.user_settings = None
self.node_addon.save()
resp = self.app.get(
self.project.web_url_for(
'addon_view_or_download_file',
path=path,
provider='github',
action='download'
),
auth=self.user.auth,
expect_errors=True
)
assert_equals(resp.status_code, 401)
def test_delete_action_creates_trashed_file_node(self):
file_node = self.get_test_file()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/Test',
'materialized': '/test/Test'
}
}
views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
assert_false(GithubFileNode.load(file_node._id))
assert_true(TrashedFileNode.load(file_node._id))
def test_delete_action_for_folder_deletes_subfolders_and_creates_trashed_file_nodes(self):
file_node = self.get_test_file()
subfolder = GithubFolder(
name='folder',
node=self.project,
path='/test/folder/',
materialized_path='/test/folder/',
)
subfolder.save()
payload = {
'provider': file_node.provider,
'metadata': {
'path': '/test/',
'materialized': '/test/'
}
}
views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
assert_false(GithubFileNode.load(subfolder._id))
assert_true(TrashedFileNode.load(file_node._id))
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(registered_node, file_node)
view_url = self.project.web_url_for('addon_view_or_download_file', provider=file_node.provider, path=file_node.copied_from._id)
assert_true(archived_from_url)
assert_urls_equal(archived_from_url, view_url)
@mock.patch('website.archiver.tasks.archive')
def test_archived_from_url_without_copied_from(self, mock_archive):
file_node = self.get_test_file()
registered_node = self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
archived_from_url = views.get_archived_from_url(registered_node, file_node)
assert_false(archived_from_url)
@mock.patch('website.archiver.tasks.archive')
def test_copied_from_id_trashed(self, mock_archive):
file_node = self.get_test_file()
second_file_node = self.get_second_test_file()
file_node.copied_from = second_file_node
self.project.register_node(
schema=get_default_metaschema(),
auth=Auth(self.user),
data=None,
)
trashed_node = second_file_node.delete()
assert_false(trashed_node.copied_from)
@mock.patch('website.archiver.tasks.archive')
def test_missing_modified_date_in_file_data(self, mock_archive):
file_node = self.get_test_file()
file_data = {
'name': 'Test File Update',
'materialized': file_node.materialized_path,
'modified': None
}
file_node.update(revision=None, data=file_data)
assert_equal(len(file_node.history), 1)
assert_equal(file_node.history[0], file_data)
@mock.patch('website.archiver.tasks.archive')
def test_missing_modified_date_in_file_history(self, mock_archive):
file_node = self.get_test_file()
file_node.history.append({'modified': None})
file_data = {
'name': 'Test File Update',
'materialized': file_node.materialized_path,
'modified': None
}
file_node.update(revision=None, data=file_data)
assert_equal(len(file_node.history), 2)
assert_equal(file_node.history[1], file_data)
@with_sentry
@mock.patch('framework.sentry.sentry.captureMessage')
def test_update_logs_to_sentry_when_called_with_disordered_metadata(self, mock_capture):
file_node = self.get_test_file()
file_node.history.append({'modified': parse_date(
'2017-08-22T13:54:32.100900',
ignoretz=True,
default=timezone.now() # Just incase nothing can be parsed
)})
data = {
'name': 'a name',
'materialized': 'materialized',
'modified': '2016-08-22T13:54:32.100900'
}
file_node.update(revision=None, user=None, data=data)
mock_capture.assert_called_with(unicode('update() receives metatdata older than the newest entry in file history.'), extra={'session': {}})
class TestNodeFilesListPagination(ApiTestCase):
def setUp(self):
super(TestNodeFilesListPagination, self).setUp()
self.user = AuthUserFactory()
self.draft_reg = DraftRegistrationFactory(creator=self.user)
self.draft_node = self.draft_reg.branched_from
def add_github(self):
user_auth = Auth(self.user)
self.draft_node.add_addon('github', auth=user_auth)
addon = self.draft_node.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.draft_node.save()
addon.user_settings.oauth_grants[self.draft_node._id] = {
oauth_settings._id: []
}
addon.user_settings.save()
def check_file_order(self, resp):
previous_file_name = 0
for file in resp.json['data']:
int_file_name = int(file['attributes']['name'])
assert int_file_name > previous_file_name, 'Files were not in order'
previous_file_name = int_file_name
@responses.activate
def test_node_files_are_sorted_correctly(self):
prepare_mock_wb_response(node=self.draft_node,
provider='github',
files=[
{
'name': '01',
'path': '/01/',
'materialized': '/01/',
'kind': 'folder'
},
{
'name': '02',
'path': '/02',
'materialized': '/02',
'kind': 'file'
},
{
'name': '03',
'path': '/03/',
'materialized': '/03/',
'kind': 'folder'
},
{
'name': '04',
'path': '/04',
'materialized': '/04',
'kind': 'file'
},
{
'name': '05',
'path': '/05/',
'materialized': '/05/',
'kind': 'folder'
},
{
'name': '06',
'path': '/06',
'materialized': '/06',
'kind': 'file'
},
{
'name': '07',
'path': '/07/',
'materialized': '/07/',
'kind': 'folder'
},
{
'name': '08',
'path': '/08',
'materialized': '/08',
'kind': 'file'
},
{
'name': '09',
'path': '/09/',
'materialized': '/09/',
'kind': 'folder'
},
{
'name': '10',
'path': '/10',
'materialized': '/10',
'kind': 'file'
},
{
'name': '11',
'path': '/11/',
'materialized': '/11/',
'kind': 'folder'
},
{
'name': '12',
'path': '/12',
'materialized': '/12',
'kind': 'file'
},
{
'name': '13',
'path': '/13/',
'materialized': '/13/',
'kind': 'folder'
},
{
'name': '14',
'path': '/14',
'materialized': '/14',
'kind': 'file'
},
{
'name': '15',
'path': '/15/',
'materialized': '/15/',
'kind': 'folder'
},
{
'name': '16',
'path': '/16',
'materialized': '/16',
'kind': 'file'
},
{
'name': '17',
'path': '/17/',
'materialized': '/17/',
'kind': 'folder'
},
{
'name': '18',
'path': '/18',
'materialized': '/18',
'kind': 'file'
},
{
'name': '19',
'path': '/19/',
'materialized': '/19/',
'kind': 'folder'
},
{
'name': '20',
'path': '/20',
'materialized': '/20',
'kind': 'file'
},
{
'name': '21',
'path': '/21/',
'materialized': '/21/',
'kind': 'folder'
},
{
'name': '22',
'path': '/22',
'materialized': '/22',
'kind': 'file'
},
{
'name': '23',
'path': '/23/',
'materialized': '/23/',
'kind': 'folder'
},
{
'name': '24',
'path': '/24',
'materialized': '/24',
'kind': 'file'
},
])
self.add_github()
url = '/{}draft_nodes/{}/files/github/?page[size]=100'.format(
API_BASE, self.draft_node._id)
res = self.app.get(url, auth=self.user.auth)
self.check_file_order(res)
class TestNodeFilesListFiltering(ApiTestCase):
def setUp(self):
super(TestNodeFilesListFiltering, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
httpretty.enable()
# Prep HTTP mocks
prepare_mock_wb_response(
node=self.project,
provider='github',
files=[
{'name': 'abc', 'path': '/abc/', 'materialized': '/abc/', 'kind': 'folder'},
{'name': 'xyz', 'path': '/xyz', 'materialized': '/xyz', 'kind': 'file'},
]
)
def tearDown(self):
super(TestNodeFilesListFiltering, self).tearDown()
httpretty.disable()
httpretty.reset()
def add_github(self):
user_auth = Auth(self.user)
self.project.add_addon('github', auth=user_auth)
addon = self.project.get_addon('github')
addon.repo = 'something'
addon.user = '******'
oauth_settings = GitHubAccountFactory()
oauth_settings.save()
self.user.add_addon('github')
self.user.external_accounts.add(oauth_settings)
self.user.save()
addon.user_settings = self.user.get_addon('github')
addon.external_account = oauth_settings
addon.save()
self.project.save()
addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
addon.user_settings.save()
def test_node_files_are_filterable_by_name(self):
url = '/{}nodes/{}/files/github/?filter[name]=xyz'.format(API_BASE, self.project._id)
self.add_github()
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'abc'
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
def test_node_files_filter_by_name_case_insensitive(self):
url = '/{}nodes/{}/files/github/?filter[name]=XYZ'.format(API_BASE, self.project._id)
self.add_github()
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'abc', but finds 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')
def test_node_files_are_filterable_by_path(self):
url = '/{}nodes/{}/files/github/?filter[path]=abc'.format(API_BASE, self.project._id)
self.add_github()
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
def test_node_files_are_filterable_by_kind(self):
url = '/{}nodes/{}/files/github/?filter[kind]=folder'.format(API_BASE, self.project._id)
self.add_github()
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 1) # filters out 'xyz'
assert_equal(res.json['data'][0]['attributes']['name'], 'abc')
def test_node_files_external_provider_can_filter_by_last_touched(self):
yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
self.add_github()
url = '/{}nodes/{}/files/github/?filter[last_touched][gt]={}'.format(API_BASE,
self.project._id,
yesterday_stamp.isoformat())
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), 2)
def test_node_files_osfstorage_cannot_filter_by_last_touched(self):
yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
self.file = api_utils.create_test_file(self.project, self.user)
url = '/{}nodes/{}/files/osfstorage/?filter[last_touched][gt]={}'.format(API_BASE,
self.project._id,
yesterday_stamp.isoformat())
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(len(res.json['errors']), 1)
class TestViewUtils(OsfTestCase):
def setUp(self):
super(TestViewUtils, self).setUp()
self.user = AuthUserFactory()
self.auth_obj = Auth(user=self.user)
self.node = ProjectFactory(creator=self.user)
self.session = Session(data={'auth_user_id': self.user._id})
self.session.save()
self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(
self.session._id)
self.configure_addon()
self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'),
settings.WATERBUTLER_JWE_SALT.encode('utf-8'))
def configure_addon(self):
self.user.add_addon('github')
self.user_addon = self.user.get_addon('github')
self.oauth_settings = GitHubAccountFactory(display_name='john')
self.oauth_settings.save()
self.user.external_accounts.add(self.oauth_settings)
self.user.save()
self.node.add_addon('github', self.auth_obj)
self.node_addon = self.node.get_addon('github')
self.node_addon.user = '******'
self.node_addon.repo = 'youre-my-best-friend'
self.node_addon.user_settings = self.user_addon
self.node_addon.external_account = self.oauth_settings
self.node_addon.save()
self.user_addon.oauth_grants[self.node._id] = {
self.oauth_settings._id: []
}
self.user_addon.save()
def test_serialize_addons(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[0]['short_name'] == 'github'
assert enabled_addons[1]['short_name'] == 'osfstorage'
default_addons = [addon for addon in addon_dicts if addon['default']]
assert len(default_addons) == 1
assert default_addons[0]['short_name'] == 'osfstorage'
def test_include_template_json(self):
""" Some addons (github, gitlab) need more specialized template infomation so we want to
ensure we get those extra variables that when the addon is enabled.
"""
addon_dicts = serialize_addons(self.node, self.auth_obj)
enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
assert len(enabled_addons) == 2
assert enabled_addons[1]['short_name'] == 'osfstorage'
assert enabled_addons[0]['short_name'] == 'github'
assert 'node_has_auth' in enabled_addons[0]
assert 'valid_credentials' in enabled_addons[0]
def test_collect_node_config_js(self):
addon_dicts = serialize_addons(self.node, self.auth_obj)
asset_paths = collect_node_config_js(addon_dicts)
# Default addons should be in addon dicts, but they have no js assets because you can't
# connect/disconnect from them, think osfstorage, there's no node-cfg for that.
default_addons = [
addon['short_name'] for addon in addon_dicts if addon['default']
]
assert not any('/{}/'.format(addon) in asset_paths
for addon in default_addons)
