Exemple #1
0
    def test_update_wiki_updates_contributor_comments_viewed_timestamp(self):
        contributor = AuthUserFactory()
        project = ProjectFactory(creator=self.user, is_public=True)
        project.add_contributor(contributor)
        project.save()
        wiki_page = WikiFactory(node=project, page_name='test')
        wiki = WikiVersionFactory(wiki_page=wiki_page)
        comment = CommentFactory(node=project, target=Guid.load(wiki_page._id), user=self.user)

        # user views comments -- sets user.comments_viewed_timestamp
        url = project.api_url_for('update_comments_timestamp')
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki_page._id
        }, auth=self.user.auth)
        assert res.status_code == 200
        self.user.reload()
        assert wiki_page._id in self.user.comments_viewed_timestamp

        # contributor views comments -- sets contributor.comments_viewed_timestamp
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki_page._id
        }, auth=contributor.auth)
        contributor.reload()
        assert wiki_page._id in contributor.comments_viewed_timestamp

        # user updates the wiki
        project.update_node_wiki('test', 'Updating wiki', self.auth)
        comment.reload()
        contributor.reload()

        new_version_id = project.get_wiki_version('test')._id
        assert wiki_page._id in contributor.comments_viewed_timestamp
        assert comment.target.referent._id == wiki_page._id
Exemple #2
0
class TestSpamDetail(AdminTestCase):
    def setUp(self):
        super(TestSpamDetail, self).setUp()
        self.comment = CommentFactory()
        self.comment.report_abuse(user=AuthUserFactory(), save=True,
                                  category='spam')
        self.request = RequestFactory().post('/fake_path')
        self.request.user = UserFactory()

    def test_confirm_spam(self):
        form_data = {'confirm': str(SpamStatus.SPAM)}
        form = ConfirmForm(data=form_data)
        nt.assert_true(form.is_valid())
        view = SpamDetail()
        view = setup_form_view(
            view, self.request, form, spam_id=self.comment._id)
        with transaction.atomic():
            view.form_valid(form)
        obj = AdminLogEntry.objects.latest(field_name='action_time')
        nt.assert_equal(obj.object_id, self.comment._id)
        nt.assert_in('Confirmed SPAM:', obj.message())

    def test_confirm_ham(self):
        form_data = {'confirm': str(SpamStatus.HAM)}
        form = ConfirmForm(data=form_data)
        nt.assert_true(form.is_valid())
        view = SpamDetail()
        view = setup_form_view(
            view, self.request, form, spam_id=self.comment._id)
        with transaction.atomic():
            view.form_valid(form)
        obj = AdminLogEntry.objects.latest(field_name='action_time')
        nt.assert_equal(obj.object_id, self.comment._id)
        nt.assert_in('Confirmed HAM:', obj.message())

    def test_form_valid_bad_id(self):
        form = ConfirmForm()
        view = SpamDetail()
        view = setup_form_view(view, self.request, form, spam_id='a1')
        with nt.assert_raises(Http404):
            view.form_valid(form)

    def test_get_context_data(self):
        view = SpamDetail()
        view = setup_view(view, self.request, spam_id=self.comment._id)
        res = view.get_context_data()
        nt.assert_equal(res['status'], '1')
        nt.assert_equal(res['page_number'], '1')
        nt.assert_is_instance(res['comment'], dict)
        nt.assert_equal(res['SPAM_STATUS'].UNKNOWN, SpamStatus.UNKNOWN)
        nt.assert_equal(res['SPAM_STATUS'].SPAM, SpamStatus.SPAM)
        nt.assert_equal(res['SPAM_STATUS'].HAM, SpamStatus.HAM)
        nt.assert_equal(res['SPAM_STATUS'].FLAGGED, SpamStatus.FLAGGED)

    def test_get_context_data_bad_id(self):
        view = setup_view(SpamDetail(), self.request, spam_id='a1')
        with nt.assert_raises(Http404):
            view.get_context_data()
Exemple #3
0
 def public_comment(self, user, contributor, public_project):
     public_comment = CommentFactory(node=public_project, user=contributor)
     public_comment.reports = {user._id: {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }}
     public_comment.save()
     return public_comment
Exemple #4
0
class TestEmailView(AdminTestCase):
    def setUp(self):
        super(TestEmailView, self).setUp()
        self.comment = CommentFactory()
        self.comment.report_abuse(user=AuthUserFactory(), save=True,
                                  category='spam')
        self.request = RequestFactory().post('/fake_path')
        self.request.user = UserFactory()

    def test_get_object_bad_id(self):
        view = setup_view(EmailView(), self.request, spam_id='a1')
        with nt.assert_raises(Http404):
            view.get_object()
Exemple #5
0
 def comment(self, user, contributor, private_project, file):
     comment = CommentFactory(
         node=private_project,
         target=file.get_guid(),
         user=contributor)
     comment.reports = {user._id: {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }}
     comment.save()
     return comment
Exemple #6
0
 def test_private_node_only_logged_in_contributor_commenter_can_undelete_own_reply(
         self, app, user, private_project, comment, set_up_payload):
     reply_target = Guid.load(comment._id)
     reply = CommentFactory(
         node=private_project,
         target=reply_target, user=user
     )
     reply_url = '/{}comments/{}/'.format(API_BASE, reply._id)
     reply.is_deleted = True
     reply.save()
     payload = set_up_payload(reply._id, has_content=False)
     res = app.patch_json_api(reply_url, payload, auth=user.auth)
     assert res.status_code == 200
     assert not res.json['data']['attributes']['deleted']
     assert res.json['data']['attributes']['content'] == reply.content
Exemple #7
0
 def setUp(self):
     super(TestEmailView, self).setUp()
     self.comment = CommentFactory()
     self.comment.report_abuse(user=AuthUserFactory(), save=True,
                               category='spam')
     self.request = RequestFactory().post('/fake_path')
     self.request.user = UserFactory()
Exemple #8
0
 def _set_up_public_project_with_comment(self):
     self.public_project = ProjectFactory.create(is_public=True,
                                                 creator=self.user,
                                                 comment_level='private')
     self.public_project.add_contributor(self.contributor, save=True)
     self.public_file = test_utils.create_test_file(self.public_project,
                                                    self.user)
     self.public_comment = CommentFactory(
         node=self.public_project,
         target=self.public_file.get_guid(),
         user=self.user)
     reply_target = Guid.load(self.public_comment._id)
     self.public_comment_reply = CommentFactory(node=self.public_project,
                                                target=reply_target,
                                                user=self.user)
     self.public_url = '/{}comments/{}/'.format(API_BASE,
                                                self.public_comment._id)
     self.public_comment_payload = self._set_up_payload(
         self.public_comment._id)
Exemple #9
0
 def test_public_node_non_contributor_commenter_can_delete_wiki_comment(
         self):
     project = ProjectFactory(is_public=True, comment_level='public')
     test_wiki = NodeWikiFactory(node=project, user=self.user)
     comment = CommentFactory(node=project,
                              target=Guid.load(test_wiki._id),
                              user=self.non_contributor)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     res = self.app.delete_json_api(url, auth=self.non_contributor.auth)
     assert_equal(res.status_code, 204)
Exemple #10
0
 def test_public_node_non_contributor_commenter_can_delete_file_comment(
         self):
     project = ProjectFactory(is_public=True, comment_level='public')
     test_file = test_utils.create_test_file(project, project.creator)
     comment = CommentFactory(node=project,
                              target=test_file.get_guid(),
                              user=self.non_contributor)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     res = self.app.delete_json_api(url, auth=self.non_contributor.auth)
     assert_equal(res.status_code, 204)
Exemple #11
0
 def test_private_node_only_logged_in_contributor_commenter_can_delete_own_reply(
         self):
     self._set_up_private_project_with_comment()
     reply_target = Guid.load(self.comment._id)
     reply = CommentFactory(node=self.private_project,
                            target=reply_target,
                            user=self.user)
     reply_url = '/{}comments/{}/'.format(API_BASE, reply._id)
     res = self.app.delete_json_api(reply_url, auth=self.user.auth)
     assert_equal(res.status_code, 204)
Exemple #12
0
    def test_redirects(self, app, project, registration, user):
        # test_redirect_to_node_view
        url = '/{}guids/{}/'.format(API_BASE, project._id)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}nodes/{}/'.format(API_DOMAIN, API_BASE,
                                              project._id)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_to_registration_view
        url = '/{}guids/{}/'.format(API_BASE, registration._id)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}registrations/{}/'.format(API_DOMAIN, API_BASE,
                                                      registration._id)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_to_collections_view
        collection = CollectionFactory()
        url = '/{}guids/{}/'.format(API_BASE, collection._id)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}collections/{}/'.format(API_DOMAIN, API_BASE,
                                                    collection._id)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_to_file_view
        test_file = OsfStorageFile.create(
            target=ProjectFactory(),
            path='/test',
            name='test',
            materialized_path='/test',
        )
        test_file.save()
        guid = test_file.get_guid(create=True)
        url = '/{}guids/{}/'.format(API_BASE, guid._id)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}files/{}/'.format(API_DOMAIN, API_BASE,
                                              test_file._id)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_to_comment_view
        comment = CommentFactory()
        url = '/{}guids/{}/'.format(API_BASE, comment._id)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}comments/{}/'.format(API_DOMAIN, API_BASE,
                                                 comment._id)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_throws_404_for_invalid_guids
        url = '/{}guids/{}/'.format(API_BASE, 'fakeguid')
        res = app.get(url, auth=user.auth, expect_errors=True)
        assert res.status_code == 404
Exemple #13
0
 def _set_up_public_project_with_comment(self):
     self.public_project = ProjectFactory.create(is_public=True,
                                                 creator=self.user,
                                                 comment_level='private')
     self.public_project.add_contributor(self.contributor, save=True)
     with mock.patch('osf.models.AbstractNode.update_search'):
         self.public_wiki = NodeWikiFactory(node=self.public_project,
                                            user=self.user)
     self.public_comment = CommentFactory(node=self.public_project,
                                          target=Guid.load(
                                              self.public_wiki._id),
                                          user=self.user)
     reply_target = Guid.load(self.public_comment._id)
     self.public_comment_reply = CommentFactory(node=self.public_project,
                                                target=reply_target,
                                                user=self.user)
     self.public_url = '/{}comments/{}/'.format(API_BASE,
                                                self.public_comment._id)
     self.public_comment_payload = self._set_up_payload(
         self.public_comment._id)
Exemple #14
0
 def test_public_node_non_contributor_commenter_can_update_comment(self):
     project = ProjectFactory(is_public=True, comment_level='public')
     comment = CommentFactory(node=project, user=self.non_contributor)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = self._set_up_payload(comment._id)
     res = self.app.put_json_api(url,
                                 payload,
                                 auth=self.non_contributor.auth)
     assert_equal(res.status_code, 200)
     assert_equal(payload['data']['attributes']['content'],
                  res.json['data']['attributes']['content'])
Exemple #15
0
 def test_redirect_when_viewing_private_project_comment_through_view_only_link(
         self):
     project = ProjectFactory()
     view_only_link = self._add_private_link(project)
     comment = CommentFactory(node=project)
     url = '/{}guids/{}/?view_only={}'.format(API_BASE, comment._id,
                                              view_only_link.key)
     res = self.app.get(url, auth=AuthUserFactory().auth)
     redirect_url = '{}{}comments/{}/?view_only={}'.format(
         API_DOMAIN, API_BASE, comment._id, view_only_link.key)
     assert_equal(res.status_code, 302)
     assert_equal(res.location, redirect_url)
Exemple #16
0
 def test_wiki_has_comments_link(self):
     self._set_up_public_project_with_wiki_page()
     res = self.app.get(self.public_url)
     assert_equal(res.status_code, 200)
     url = res.json['data']['relationships']['comments']['links'][
         'related']['href']
     comment = CommentFactory(node=self.public_project,
                              target=Guid.load(self.public_wiki._id),
                              user=self.user)
     res = self.app.get(url)
     assert_equal(res.status_code, 200)
     assert_equal(res.json['data'][0]['type'], 'comments')
Exemple #17
0
 def setUp(self):
     super(TestUserSpamListView, self).setUp()
     self.project = ProjectFactory(is_public=True)
     self.user_1 = AuthUserFactory()
     self.user_2 = AuthUserFactory()
     self.project.add_contributor(self.user_1)
     self.project.add_contributor(self.user_2)
     self.project.save()
     self.user_1.save()
     self.user_2.save()
     self.comment_1 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_2 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_3 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_4 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_5 = CommentFactory(node=self.project, user=self.user_2)
     self.comment_6 = CommentFactory(node=self.project, user=self.user_2)
     self.comment_1.report_abuse(user=self.user_2, save=True,
                                 category='spam')
     self.comment_2.report_abuse(user=self.user_2, save=True,
                                 category='spam')
     self.comment_3.report_abuse(user=self.user_2, save=True,
                                 category='spam')
     self.comment_4.report_abuse(user=self.user_2, save=True,
                                 category='spam')
     self.comment_5.report_abuse(user=self.user_1, save=True,
                                 category='spam')
     self.comment_6.report_abuse(user=self.user_1, save=True,
                                 category='spam')
     self.request = RequestFactory().get('/fake_path')
     self.view = UserSpamList()
     self.view = setup_view(self.view, self.request, user_id=self.user_1._id)
Exemple #18
0
 def _set_up_public_project_comment_reports(self, comment_level='public'):
     self.public_project = ProjectFactory.create(is_public=True, creator=self.user, comment_level=comment_level)
     self.public_project.add_contributor(contributor=self.contributor, save=True)
     self.public_comment = CommentFactory.build(node=self.public_project, user=self.contributor)
     self.public_comment.reports = self.public_comment.reports or {}
     self.public_comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.public_comment.save()
     self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
Exemple #19
0
 def _set_up_public_project_comment_reports(self, comment_level='public'):
     self.public_project = ProjectFactory.create(is_public=True, creator=self.user, comment_level=comment_level)
     self.public_project.add_contributor(contributor=self.contributor, save=True)
     self.public_comment = CommentFactory.build(node=self.public_project, user=self.contributor)
     self.public_comment.reports = self.public_comment.reports or {}
     self.public_comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.public_comment.save()
     self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
Exemple #20
0
    def test_update_wiki_updates_contributor_comments_viewed_timestamp(self):
        contributor = AuthUserFactory()
        project = ProjectFactory(creator=self.user, is_public=True)
        project.add_contributor(contributor)
        project.save()
        wiki = NodeWikiFactory(node=project, page_name='test')
        comment = CommentFactory(node=project,
                                 target=Guid.load(wiki._id),
                                 user=self.user)

        # user views comments -- sets user.comments_viewed_timestamp
        url = project.api_url_for('update_comments_timestamp')
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki._id
        },
                                auth=self.user.auth)
        assert res.status_code == 200
        self.user.reload()
        assert wiki._id in self.user.comments_viewed_timestamp

        # contributor views comments -- sets contributor.comments_viewed_timestamp
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki._id
        },
                                auth=contributor.auth)
        contributor.reload()
        assert wiki._id in contributor.comments_viewed_timestamp

        # user updates the wiki
        project.update_node_wiki('test', 'Updating wiki', self.auth)
        comment.reload()
        contributor.reload()

        new_version_id = project.wiki_pages_current['test']
        assert new_version_id in contributor.comments_viewed_timestamp
        assert wiki._id not in contributor.comments_viewed_timestamp
        assert comment.target.referent._id == new_version_id
Exemple #21
0
 def test_public_node_non_contrib_commenter_can_update_wiki_comment(
         self, app, user, non_contrib, set_up_payload):
     project = ProjectFactory(is_public=True)
     test_wiki = NodeWikiFactory(node=project, user=user)
     comment = CommentFactory(node=project,
                              target=Guid.load(test_wiki._id),
                              user=non_contrib)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = set_up_payload(comment._id)
     res = app.put_json_api(url, payload, auth=non_contrib.auth)
     assert res.status_code == 200
     assert payload['data']['attributes']['content'] == res.json['data'][
         'attributes']['content']
Exemple #22
0
    def test_update_wiki_updates_comments_and_user_comments_viewed_timestamp(self):
        project = ProjectFactory(creator=self.user, is_public=True)
        wiki_page = WikiFactory(node=project, page_name='test')
        wiki = WikiVersionFactory(wiki_page=wiki_page)
        comment = CommentFactory(node=project, target=Guid.load(wiki_page._id), user=UserFactory())

        # user views comments -- sets user.comments_viewed_timestamp
        url = project.api_url_for('update_comments_timestamp')
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki_page._id
        }, auth=self.user.auth)
        assert res.status_code == 200
        self.user.reload()
        assert wiki_page._id in self.user.comments_viewed_timestamp

        # user updates the wiki
        wiki_page.update(self.user, 'Updating wiki')
        comment.reload()
        self.user.reload()
        assert wiki_page._id in self.user.comments_viewed_timestamp
        assert comment.target.referent._id == wiki_page._id
Exemple #23
0
    def test_update_wiki_updates_comments_and_user_comments_viewed_timestamp(self):
        project = ProjectFactory(creator=self.user, is_public=True)
        wiki_page = WikiFactory(node=project, page_name='test')
        wiki = WikiVersionFactory(wiki_page=wiki_page)
        comment = CommentFactory(node=project, target=Guid.load(wiki_page._id), user=UserFactory())

        # user views comments -- sets user.comments_viewed_timestamp
        url = project.api_url_for('update_comments_timestamp')
        res = self.app.put_json(url, {
            'page': 'wiki',
            'rootId': wiki_page._id
        }, auth=self.user.auth)
        assert res.status_code == 200
        self.user.reload()
        assert wiki_page._id in self.user.comments_viewed_timestamp

        # user updates the wiki
        project.update_node_wiki('test', 'Updating wiki', self.auth)
        comment.reload()
        self.user.reload()
        assert wiki_page._id in self.user.comments_viewed_timestamp
        assert comment.target.referent._id == wiki_page._id
Exemple #24
0
 def test_public_node_non_contrib_commenter_can_delete_wiki_comment(
         self, app, user, non_contrib):
     project = ProjectFactory(is_public=True, comment_level='public')
     wiki_page = WikiFactory(
         user=user,
         node=project,
     )
     comment = CommentFactory(node=project,
                              target=Guid.load(wiki_page._id),
                              user=non_contrib)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     res = app.delete_json_api(url, auth=non_contrib.auth)
     assert res.status_code == 204
Exemple #25
0
 def test_public_node_non_contrib_commenter_can_update_file_comment(
         self, app, non_contrib, set_up_payload):
     project = ProjectFactory(is_public=True)
     test_file = test_utils.create_test_file(project, project.creator)
     comment = CommentFactory(node=project,
                              target=test_file.get_guid(),
                              user=non_contrib)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = set_up_payload(comment._id)
     res = app.put_json_api(url, payload, auth=non_contrib.auth)
     assert res.status_code == 200
     assert payload['data']['attributes']['content'] == res.json['data'][
         'attributes']['content']
Exemple #26
0
 def _set_up_private_project_comment_reports(self):
     self.private_project = ProjectFactory.create(is_public=False, creator=self.user)
     self.private_project.add_contributor(contributor=self.contributor, save=True)
     self.file = test_utils.create_test_file(self.private_project, self.user)
     self.comment = CommentFactory.build(node=self.private_project, target=self.file.get_guid(), user=self.contributor)
     self.comment.reports = self.comment.reports or {}
     self.comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.comment.save()
     self.private_url = '/{}comments/{}/reports/'.format(API_BASE, self.comment._id)
Exemple #27
0
 def test_public_node_non_contrib_commenter_cannot_update_own_comment_if_comment_level_private(
         self, app, non_contrib, set_up_payload):
     project = ProjectFactory(is_public=True, comment_level='public')
     comment = CommentFactory(node=project, user=non_contrib)
     project.comment_level = 'private'
     project.save()
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = set_up_payload(comment._id)
     res = app.put_json_api(
         url, payload, auth=non_contrib.auth,
         expect_errors=True
     )
     assert res.status_code == 403
     assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
Exemple #28
0
 def _set_up_private_project_comment_reports(self):
     self.private_project = ProjectFactory.create(is_public=False, creator=self.user)
     self.private_project.add_contributor(contributor=self.contributor, save=True)
     self.file = test_utils.create_test_file(self.private_project, self.user)
     self.comment = CommentFactory.build(node=self.private_project, target=self.file.get_guid(), user=self.contributor)
     self.comment.reports = self.comment.reports or {}
     self.comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.comment.save()
     self.private_url = '/{}comments/{}/reports/'.format(API_BASE, self.comment._id)
Exemple #29
0
 def test_file_has_correct_unread_comments_count(self):
     contributor = AuthUserFactory()
     self.node.add_contributor(contributor, auth=Auth(self.user), save=True)
     comment = CommentFactory(node=self.node,
                              target=self.file.get_guid(create=True),
                              user=contributor,
                              page='files')
     res = self.app.get('/{}files/{}/?related_counts=True'.format(
         API_BASE, self.file._id),
                        auth=self.user.auth)
     assert_equal(res.status_code, 200)
     unread_comments = res.json['data']['relationships']['comments'][
         'links']['related']['meta']['unread']
     assert_equal(unread_comments, 1)
Exemple #30
0
 def test_file_has_correct_unread_comments_count(self, app, user, file,
                                                 node):
     contributor = AuthUserFactory()
     node.add_contributor(contributor, auth=Auth(user), save=True)
     CommentFactory(node=node,
                    target=file.get_guid(create=True),
                    user=contributor,
                    page='files')
     res = app.get('/{}files/{}/?related_counts=True'.format(
         API_BASE, file._id),
                   auth=user.auth)
     assert res.status_code == 200
     unread_comments = res.json['data']['relationships']['comments'][
         'links']['related']['meta']['unread']
     assert unread_comments == 1
Exemple #31
0
 def test_public_node_non_contributor_commenter_can_update_file_comment(
         self):
     project = ProjectFactory(is_public=True)
     test_file = test_utils.create_test_file(project, project.creator)
     comment = CommentFactory(node=project,
                              target=test_file.get_guid(),
                              user=self.non_contributor)
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = self._set_up_payload(comment._id)
     res = self.app.put_json_api(url,
                                 payload,
                                 auth=self.non_contributor.auth)
     assert_equal(res.status_code, 200)
     assert_equal(payload['data']['attributes']['content'],
                  res.json['data']['attributes']['content'])
Exemple #32
0
 def _set_up_public_project_comment_reports(self, comment_level='public'):
     self.public_project = ProjectFactory.create(is_public=True, creator=self.user, comment_level=comment_level)
     self.public_project.add_contributor(contributor=self.contributor, save=True)
     with mock.patch('osf.models.AbstractNode.update_search'):
         self.public_wiki = NodeWikiFactory(node=self.public_project, user=self.user)
     self.public_comment = CommentFactory.build(node=self.public_project, target=Guid.load(self.public_wiki._id), user=self.contributor)
     self.public_comment.reports = self.public_comment.reports or {}
     self.public_comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.public_comment.save()
     self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
Exemple #33
0
 def _set_up_public_project_comment_reports(self, comment_level='public'):
     self.public_project = ProjectFactory.create(is_public=True, creator=self.user, comment_level=comment_level)
     self.public_project.add_contributor(contributor=self.contributor, save=True)
     with mock.patch('osf.models.AbstractNode.update_search'):
         self.public_wiki = NodeWikiFactory(node=self.public_project, user=self.user)
     self.public_comment = CommentFactory.build(node=self.public_project, target=Guid.load(self.public_wiki._id), user=self.contributor)
     self.public_comment.reports = self.public_comment.reports or {}
     self.public_comment.reports[self.user._id] = {
         'category': 'spam',
         'text': 'This is spam',
         'date': timezone.now(),
         'retracted': False,
     }
     self.public_comment.save()
     self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
Exemple #34
0
 def test_public_node_non_contributor_commenter_cannot_update_own_comment_if_comment_level_private(
         self):
     project = ProjectFactory(is_public=True, comment_level='public')
     comment = CommentFactory(node=project, user=self.non_contributor)
     project.comment_level = 'private'
     project.save()
     url = '/{}comments/{}/'.format(API_BASE, comment._id)
     payload = self._set_up_payload(comment._id)
     res = self.app.put_json_api(url,
                                 payload,
                                 auth=self.non_contributor.auth,
                                 expect_errors=True)
     assert_equal(res.status_code, 403)
     assert_equal(res.json['errors'][0]['detail'],
                  'You do not have permission to perform this action.')
Exemple #35
0
    def test_private_node_report_comment_auth_misc(self, app, user, contributor, non_contrib, private_project, private_url, comment, payload):

        # test_private_node_logged_out_user_cannot_report_comment
        res = app.post_json_api(private_url, payload, expect_errors=True)
        assert res.status_code == 401

        # test_private_node_logged_in_non_contrib_cannot_report_comment
        res = app.post_json_api(private_url, payload, auth=non_contrib.auth, expect_errors=True)
        assert res.status_code == 403

        # test_private_node_logged_in_contributor_can_report_comment
        comment_new = CommentFactory(node=private_project, user=contributor, target=comment.target)
        url = '/{}comments/{}/reports/'.format(API_BASE, comment_new._id)
        res = app.post_json_api(url, payload, auth=user.auth)
        assert res.status_code == 201
        assert res.json['data']['id'] == user._id
Exemple #36
0
    def test_report_comment_allow_blank_message(self, app, user, contributor, private_project, comment):

        comment_new = CommentFactory(node=private_project, user=contributor, target=comment.target)
        url = '/{}comments/{}/reports/'.format(API_BASE, comment_new._id)
        payload = {
            'data': {
                'type': 'comment_reports',
                'attributes': {
                    'category': 'spam',
                    'message': ''
                }
            }
        }
        res = app.post_json_api(url, payload, auth=user.auth)
        assert res.status_code == 201
        assert res.json['data']['id'] == user._id
        assert res.json['data']['attributes']['message'] == payload['data']['attributes']['message']
Exemple #37
0
 def test_report_comment_allow_blank_message(self):
     self._set_up_private_project_comment_reports()
     comment = CommentFactory(node=self.private_project, user=self.contributor, target=self.comment.target)
     url = '/{}comments/{}/reports/'.format(API_BASE, comment._id)
     payload = {
         'data': {
             'type': 'comment_reports',
             'attributes': {
                 'category': 'spam',
                 'message': ''
             }
         }
     }
     res = self.app.post_json_api(url, payload, auth=self.user.auth)
     assert_equal(res.status_code, 201)
     assert_equal(res.json['data']['id'], self.user._id)
     assert_equal(res.json['data']['attributes']['message'], payload['data']['attributes']['message'])
Exemple #38
0
 def setUp(self):
     super(TestSpamListView, self).setUp()
     Comment.objects.all().delete()
     self.project = ProjectFactory(is_public=True)
     self.user_1 = AuthUserFactory()
     self.user_2 = AuthUserFactory()
     self.project.add_contributor(self.user_1)
     self.project.add_contributor(self.user_2)
     self.project.save()
     self.user_1.save()
     self.user_2.save()
     date = timezone.now()
     self.comment_1 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_2 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_3 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_4 = CommentFactory(node=self.project, user=self.user_1)
     self.comment_5 = CommentFactory(node=self.project, user=self.user_2)
     self.comment_6 = CommentFactory(node=self.project, user=self.user_2)
     self.comment_1.report_abuse(
         user=self.user_2,
         save=True,
         category='spam',
         date=date - timedelta(seconds=5)
     )
     self.comment_2.report_abuse(
         user=self.user_2,
         save=True,
         category='spam',
         date=date - timedelta(seconds=4)
     )
     self.comment_3.report_abuse(
         user=self.user_2,
         save=True,
         category='spam',
         date=date - timedelta(seconds=3)
     )
     self.comment_4.report_abuse(
         user=self.user_2,
         save=True,
         category='spam',
         date=date - timedelta(seconds=2)
     )
     self.comment_5.report_abuse(
         user=self.user_1,
         save=True,
         category='spam',
         date=date - timedelta(seconds=1)
     )
     self.comment_6.report_abuse(user=self.user_1, save=True,
                                 category='spam')
     self.request = RequestFactory().get('/fake_path')
     self.view = SpamList()
     self.view = setup_view(self.view, self.request, user_id=self.user_1._id)
Exemple #39
0
 def test_private_node_reporting_contributor_can_delete_report_detail(self):
     self._set_up_private_project_comment_reports()
     comment = CommentFactory.build(node=self.private_project,
                                    user=self.contributor,
                                    target=self.comment.target)
     comment.reports = {
         self.user._id: {
             'category': 'spam',
             'text': 'This is spam',
             'date': timezone.now(),
             'retracted': False,
         }
     }
     comment.save()
     url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id,
                                               self.user._id)
     res = self.app.delete_json_api(url, auth=self.user.auth)
     assert_equal(res.status_code, 204)
Exemple #40
0
 def _set_up_private_project_comment_reports(self):
     self.private_project = ProjectFactory.create(is_public=False,
                                                  creator=self.user)
     self.private_project.add_contributor(contributor=self.contributor,
                                          save=True)
     self.comment = CommentFactory.build(node=self.private_project,
                                         user=self.contributor)
     self.comment.reports = {
         self.user._id: {
             'category': 'spam',
             'text': 'This is spam',
             'date': timezone.now(),
             'retracted': False,
         }
     }
     self.comment.save()
     self.private_url = '/{}comments/{}/reports/{}/'.format(
         API_BASE, self.comment._id, self.user._id)
Exemple #41
0
    def test_public_node_report_comment_auth_misc(self, app, user, contributor, non_contrib, public_project, public_url, public_comment, payload):
    # def test_public_node_logged_out_user_cannot_report_comment(self):
        res = app.post_json_api(public_url, payload, expect_errors=True)
        assert res.status_code == 401

    # def test_public_node_contributor_can_report_comment(self):
        comment = CommentFactory(node=public_project, user=contributor, target=public_comment.target)
        url = '/{}comments/{}/reports/'.format(API_BASE, comment._id)
        res = app.post_json_api(url, payload, auth=user.auth)
        assert res.status_code == 201
        assert res.json['data']['id'] == user._id

    # def test_public_node_non_contrib_can_report_comment(self):
        """ Test that when a public project allows any osf user to
            comment (comment_level == 'public), non-contributors
            can also report comments.
        """
        res = app.post_json_api(public_url, payload, auth=non_contrib.auth)
        assert res.status_code == 201
        assert res.json['data']['id'] == non_contrib._id
Exemple #42
0
    def test_redirects_through_view_only_link(self, app, project, user):

        # test_redirect_when_viewing_private_project_through_view_only_link
        view_only_link = PrivateLinkFactory(anonymous=False)
        view_only_link.nodes.add(project)
        view_only_link.save()

        url = '/{}guids/{}/?view_only={}'.format(API_BASE, project._id,
                                                 view_only_link.key)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}nodes/{}/?view_only={}'.format(
            API_DOMAIN, API_BASE, project._id, view_only_link.key)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_when_viewing_private_project_file_through_view_only_link
        test_file = OsfStorageFile.create(
            node=project,
            path='/test',
            name='test',
            materialized_path='/test',
        )
        test_file.save()
        guid = test_file.get_guid(create=True)
        url = '/{}guids/{}/?view_only={}'.format(API_BASE, guid._id,
                                                 view_only_link.key)
        res = app.get(url, auth=user.auth)
        redirect_url = '{}{}files/{}/?view_only={}'.format(
            API_DOMAIN, API_BASE, test_file._id, view_only_link.key)
        assert res.status_code == 302
        assert res.location == redirect_url

        # test_redirect_when_viewing_private_project_comment_through_view_only_link
        comment = CommentFactory(node=project)
        url = '/{}guids/{}/?view_only={}'.format(API_BASE, comment._id,
                                                 view_only_link.key)
        res = app.get(url, auth=AuthUserFactory().auth)
        redirect_url = '{}{}comments/{}/?view_only={}'.format(
            API_DOMAIN, API_BASE, comment._id, view_only_link.key)
        assert res.status_code == 302
        assert res.location == redirect_url
Exemple #43
0
    def test_private_node_delete_report_detail_auth_misc(
            self, app, user, contributor, non_contrib,
            private_project, private_url, comment
    ):
        # test_private_node_reported_contributor_cannot_delete_report_detail
        res = app.delete_json_api(
            private_url, auth=contributor.auth,
            expect_errors=True
        )
        assert res.status_code == 403

        # test_private_node_logged_in_non_contrib_cannot_delete_report_detail
        res = app.delete_json_api(
            private_url, auth=non_contrib.auth,
            expect_errors=True
        )
        assert res.status_code == 403

        # test_private_node_logged_out_contributor_cannot_delete_detail
        res = app.delete_json_api(private_url, expect_errors=True)
        assert res.status_code == 401

        # test_private_node_reporting_contributor_can_delete_report_detail
        comment_new = CommentFactory.build(
            node=private_project,
            user=contributor,
            target=comment.target
        )
        comment_new.reports = {user._id: {
            'category': 'spam',
            'text': 'This is spam',
            'date': timezone.now(),
            'retracted': False,
        }}
        comment_new.save()
        url = '/{}comments/{}/reports/{}/'.format(
            API_BASE, comment_new._id, user._id)
        res = app.delete_json_api(url, auth=user.auth)
        assert res.status_code == 204
Exemple #44
0
    def test_private_node_delete_report_detail_auth_misc(
            self, app, user, contributor, non_contrib, private_project,
            private_url, comment):
        # test_private_node_reported_contributor_cannot_delete_report_detail
        res = app.delete_json_api(private_url,
                                  auth=contributor.auth,
                                  expect_errors=True)
        assert res.status_code == 403

        # test_private_node_logged_in_non_contrib_cannot_delete_report_detail
        res = app.delete_json_api(private_url,
                                  auth=non_contrib.auth,
                                  expect_errors=True)
        assert res.status_code == 403

        # test_private_node_logged_out_contributor_cannot_delete_detail
        res = app.delete_json_api(private_url, expect_errors=True)
        assert res.status_code == 401

        # test_private_node_reporting_contributor_can_delete_report_detail
        comment_new = CommentFactory.build(node=private_project,
                                           user=contributor,
                                           target=comment.target)
        comment_new.reports = {
            user._id: {
                'category': 'spam',
                'text': 'This is spam',
                'date': timezone.now(),
                'retracted': False,
            }
        }
        comment_new.save()
        url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment_new._id,
                                                  user._id)
        res = app.delete_json_api(url, auth=user.auth)
        assert res.status_code == 204
Exemple #45
0
class TestSpamListView(AdminTestCase):
    def setUp(self):
        super(TestSpamListView, self).setUp()
        Comment.objects.all().delete()
        self.project = ProjectFactory(is_public=True)
        self.user_1 = AuthUserFactory()
        self.user_2 = AuthUserFactory()
        self.project.add_contributor(self.user_1)
        self.project.add_contributor(self.user_2)
        self.project.save()
        self.user_1.save()
        self.user_2.save()
        date = timezone.now()
        self.comment_1 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_2 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_3 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_4 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_5 = CommentFactory(node=self.project, user=self.user_2)
        self.comment_6 = CommentFactory(node=self.project, user=self.user_2)
        self.comment_1.report_abuse(
            user=self.user_2,
            save=True,
            category='spam',
            date=date - timedelta(seconds=5)
        )
        self.comment_2.report_abuse(
            user=self.user_2,
            save=True,
            category='spam',
            date=date - timedelta(seconds=4)
        )
        self.comment_3.report_abuse(
            user=self.user_2,
            save=True,
            category='spam',
            date=date - timedelta(seconds=3)
        )
        self.comment_4.report_abuse(
            user=self.user_2,
            save=True,
            category='spam',
            date=date - timedelta(seconds=2)
        )
        self.comment_5.report_abuse(
            user=self.user_1,
            save=True,
            category='spam',
            date=date - timedelta(seconds=1)
        )
        self.comment_6.report_abuse(user=self.user_1, save=True,
                                    category='spam')
        self.request = RequestFactory().get('/fake_path')
        self.view = SpamList()
        self.view = setup_view(self.view, self.request, user_id=self.user_1._id)

    def test_get_spam(self):
        res = list(self.view.get_queryset())
        nt.assert_equal(len(res), 6)
        response_list = [r._id for r in res]
        should_be = [
            self.comment_6._id,
            self.comment_5._id,
            self.comment_4._id,
            self.comment_3._id,
            self.comment_2._id,
            self.comment_1._id
        ]
        nt.assert_list_equal(should_be, response_list)

    def test_get_context_data(self):
        self.view.object_list = self.view.get_queryset()
        res = self.view.get_context_data()
        nt.assert_is_instance(res['spam'], list)
        nt.assert_is_instance(res['spam'][0], dict)
        nt.assert_equal(res['status'], '1')
        nt.assert_equal(res['page_number'], 1)
Exemple #46
0
 def setUp(self):
     super(TestSpamMixin, self).setUp()
     self.comment = CommentFactory()
     self.auth = Auth(user=self.comment.user)
Exemple #47
0
class TestUserSpamListView(AdminTestCase):
    def setUp(self):
        super(TestUserSpamListView, self).setUp()
        self.project = ProjectFactory(is_public=True)
        self.user_1 = AuthUserFactory()
        self.user_2 = AuthUserFactory()
        self.project.add_contributor(self.user_1)
        self.project.add_contributor(self.user_2)
        self.project.save()
        self.user_1.save()
        self.user_2.save()
        self.comment_1 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_2 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_3 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_4 = CommentFactory(node=self.project, user=self.user_1)
        self.comment_5 = CommentFactory(node=self.project, user=self.user_2)
        self.comment_6 = CommentFactory(node=self.project, user=self.user_2)
        self.comment_1.report_abuse(user=self.user_2, save=True,
                                    category='spam')
        self.comment_2.report_abuse(user=self.user_2, save=True,
                                    category='spam')
        self.comment_3.report_abuse(user=self.user_2, save=True,
                                    category='spam')
        self.comment_4.report_abuse(user=self.user_2, save=True,
                                    category='spam')
        self.comment_5.report_abuse(user=self.user_1, save=True,
                                    category='spam')
        self.comment_6.report_abuse(user=self.user_1, save=True,
                                    category='spam')
        self.request = RequestFactory().get('/fake_path')
        self.view = UserSpamList()
        self.view = setup_view(self.view, self.request, user_id=self.user_1._id)

    def test_get_user_spam(self):
        res = list(self.view.get_queryset())
        nt.assert_equal(len(res), 4)

    def test_get_context_data(self):
        self.view.object_list = self.view.get_queryset()
        res = self.view.get_context_data()
        nt.assert_is_instance(res['spam'], list)
        nt.assert_is_instance(res['spam'][0], dict)
        nt.assert_equal(res['status'], '1')
        nt.assert_equal(res['page_number'], 1)
        nt.assert_equal(res['user_id'], self.user_1._id)
Exemple #48
0
class TestSpamMixin(OsfTestCase):

    def setUp(self):
        super(TestSpamMixin, self).setUp()
        self.comment = CommentFactory()
        self.auth = Auth(user=self.comment.user)

    def test_report_abuse(self):
        user = UserFactory()
        time = timezone.now()
        self.comment.report_abuse(
            user, date=time, category='spam', text='ads', save=True)
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)
        equivalent = dict(
            date=time,
            category='spam',
            text='ads',
            retracted=False
        )
        assert_in(user._id, self.comment.reports)
        assert_equal(self.comment.reports[user._id], equivalent)

    def test_report_abuse_own_comment(self):
        with assert_raises(ValueError):
            self.comment.report_abuse(
                self.comment.user,
                category='spam', text='ads',
                save=True
            )
        assert_equal(self.comment.spam_status, SpamStatus.UNKNOWN)

    def test_retract_report(self):
        user = UserFactory()
        time = timezone.now()
        self.comment.report_abuse(
            user, date=time, category='spam', text='ads', save=True
        )
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)
        self.comment.retract_report(user, save=True)
        assert_equal(self.comment.spam_status, SpamStatus.UNKNOWN)
        equivalent = {
            'date': time,
            'category': 'spam',
            'text': 'ads',
            'retracted': True
        }
        assert_in(user._id, self.comment.reports)
        assert_equal(self.comment.reports[user._id], equivalent)

    def test_retract_report_not_reporter(self):
        reporter = UserFactory()
        non_reporter = UserFactory()
        self.comment.report_abuse(
            reporter, category='spam', text='ads', save=True
        )
        with assert_raises(ValueError):
            self.comment.retract_report(non_reporter, save=True)
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)

    def test_retract_one_report_of_many(self):
        user_1 = UserFactory()
        user_2 = UserFactory()
        time = timezone.now()
        self.comment.report_abuse(
            user_1, date=time, category='spam', text='ads', save=True
        )
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)
        self.comment.report_abuse(
            user_2, date=time, category='spam', text='all', save=True
        )
        self.comment.retract_report(user_1, save=True)
        equivalent = {
            'date': time,
            'category': 'spam',
            'text': 'ads',
            'retracted': True
        }
        assert_in(user_1._id, self.comment.reports)
        assert_equal(self.comment.reports[user_1._id], equivalent)
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)

    def test_flag_spam(self):
        self.comment.flag_spam()
        self.comment.save()
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)

    def test_cannot_remove_flag_not_retracted(self):
        user = UserFactory()
        self.comment.report_abuse(
            user, category='spam', text='ads', save=True
        )
        self.comment.remove_flag(save=True)
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)

    def test_remove_flag(self):
        self.comment.flag_spam()
        self.comment.save()
        assert_equal(self.comment.spam_status, SpamStatus.FLAGGED)
        self.comment.remove_flag(save=True)
        assert_equal(self.comment.spam_status, SpamStatus.UNKNOWN)

    def test_confirm_ham(self):
        self.comment.confirm_ham(save=True)
        assert_equal(self.comment.spam_status, SpamStatus.HAM)

    def test_confirm_spam(self):
        self.comment.confirm_spam(save=True)
        assert_equal(self.comment.spam_status, SpamStatus.SPAM)

    def test_validate_reports_bad_key(self):
        self.comment.reports[None] = {'category': 'spam', 'text': 'ads'}
        with assert_raises(ValidationError):
            self.comment.save()

    def test_validate_reports_bad_type(self):
        self.comment.reports[self.comment.user._id] = 'not a dict'
        with assert_raises(ValidationError):
            self.comment.save()

    def test_validate_reports_bad_value(self):
        self.comment.reports[self.comment.user._id] = {'foo': 'bar'}
        with assert_raises(ValidationError):
            self.comment.save()