def test_webhook_handler_admin(self): """Test WEBHOOK view works for admin.""" # Admin self.register() self.signin() self.signout() # User self.register(name="user", password="******") self.signin(email="*****@*****.**", password="******") owner = user_repo.get(2) self.signout() # Access as admin self.signin() project = ProjectFactory.create(owner=owner) url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data url = "/project/%s/webhook?all=true" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data url = "/project/%s/webhook?failed=true" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data
def test_webhook_handler_failed(self, q): """Test WEBHOOK requeing failed works.""" self.register() self.signin() user = user_repo.get(1) project = ProjectFactory.create(owner=user, webhook='server') task = TaskFactory.create(project=project, n_answers=1) AnonymousTaskRunFactory.create(project=project, task=task) payload = self.payload(project, task) wh = Webhook(project_id=project.id, payload=payload, response='error', response_status_code=500) webhook_repo.save(wh) wh2 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh2) wh3 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh3) wh = webhook_repo.get(1) url = "/project/%s/webhook?failed=true" % (project.short_name) res = self.app.get(url) assert res.status_code == 200, res.status_code q.assert_called_once_with(webhook, project.webhook, wh.payload, wh.id)
def test_get_inactive_users_returns_jobs(self): """Test JOB get inactive users returns a list of jobs.""" today = datetime.datetime.today() old_date = today - datetime.timedelta(days=120) date_str = old_date.strftime('%Y-%m-%dT%H:%M:%S.%f') one_year = today - datetime.timedelta(days=365) one_year_str = one_year.strftime('%Y-%m-%dT%H:%M:%S.%f') user = UserFactory.create() # 3 months old contribution tr = TaskRunFactory.create(finish_time=date_str) # 1 year old contribution TaskRunFactory.create(finish_time=one_year_str) # User with a contribution from a long time ago TaskRunFactory.create(finish_time="2010-08-08T18:23:45.714110", user=user) # User with a recent contribution TaskRunFactory.create(user=user) user = user_repo.get(tr.user_id) jobs_generator = get_inactive_users_jobs() jobs = [] for job in jobs_generator: jobs.append(job) msg = "There should be one job." print jobs assert len(jobs) == 1, msg job = jobs[0] args = job['args'][0] assert job['queue'] == 'quaterly', job['queue'] assert len(args['recipients']) == 1 assert args['recipients'][0] == user.email_addr, args['recipients'][0] assert "UNSUBSCRIBE" in args['body'] assert "Update" in args['html']
def test_child_projects_not_built_from_non_iiif_templates(self): """Test that only IIIF projects can be built from parents.""" self.register() user = user_repo.get(1) vol = dict(id='123abc', name='My Volume', importer='foo') category = CategoryFactory() tmpl_fixtures = TemplateFixtures(category) select_task = tmpl_fixtures.iiif_select_tmpl parent_tmpl = tmpl_fixtures.create(task_tmpl=select_task) child_tmpl = tmpl_fixtures.create(task_tmpl=select_task) child_tmpl['parent_template_id'] = parent_tmpl['id'] category.info = dict(presenter='iiif-annotation', volumes=[vol], templates=[parent_tmpl, child_tmpl]) project_repo.update_category(category) parent = ProjectFactory(owner=user, category=category, info=dict(template_id=parent_tmpl['id'], volume_id=vol['id'])) endpoint = '/lc/projects/{}/new'.format(category.short_name) form_data = dict(name='foo', short_name='bar', template_id=child_tmpl['id'], volume_id=vol['id']) res = self.app_post_json(endpoint, data=form_data) res_data = json.loads(res.data) msg = 'Only IIIF projects can be built from parents.' assert_equal(res_data['flash'], msg)
def test_webhook_handler_admin(self): """Test WEBHOOK view works for admin.""" # Admin self.register() self.signout() # User self.register(name="user", password="******") owner = user_repo.get(2) self.signout() # Access as admin self.signin() project = ProjectFactory.create(owner=owner) url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data url = "/project/%s/webhook?all=true" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data url = "/project/%s/webhook?failed=true" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data
def test_webhook_handler_all(self, q): """Test WEBHOOK requeing all works.""" self.register() self.signin() user = user_repo.get(1) project = ProjectFactory.create(owner=user, webhook='server') task = TaskFactory.create(project=project, n_answers=1) AnonymousTaskRunFactory.create(project=project, task=task) payload = self.payload(project, task) wh1 = Webhook(project_id=project.id, payload=payload, response='error', response_status_code=500) webhook_repo.save(wh1) wh2 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh2) wh3 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh3) whs = webhook_repo.filter_by(project_id=project.id) url = "/project/%s/webhook?all=true" % (project.short_name) res = self.app.get(url) assert res.status_code == 200, res.status_code calls = [] for w in whs: calls.append(call(webhook, project.webhook, w.payload, w.id)) q.assert_has_calls(calls)
def test_send_mail_creates_message_mailchimp_error(self, mailchimp, Message, mail): with patch.dict(self.flask_app.config, {'MAILCHIMP_API_KEY': 'k-3', 'MAILCHIMP_LIST_ID': 1}): user = UserFactory.create() user_id = user.id brand = 'PYBOSSA' subject = '[%s]: Your account has been deleted' % brand body = """Hi,\n Your account and personal data has been deleted from %s.""" % brand body += '\nWe could not delete your Mailchimp account, please contact us to fix this issue.' admin_addr = '*****@*****.**' recipients = [user.email_addr] + current_app.config.get('ADMINS', []) mail_dict = dict(recipients=recipients, subject=subject, body=body, bcc=[admin_addr]) user_old = user.dictize() delete_account(user.id, '*****@*****.**') Message.assert_called_once_with(**mail_dict) mail.send.assert_called_once_with(Message()) user_new = user_repo.get(user_id) assert user_new.name != user_old['name'] assert user_new.fullname != user_old['fullname'] assert user_new.email_addr != user_old['email_addr'] assert not user_new.info assert not user_new.user_pref
def test_send_mail_creates_message_mailchimp_ok(self, mailchimp, Message, mail): with patch.dict(self.flask_app.config, { 'MAILCHIMP_API_KEY': 'k-3', 'MAILCHIMP_LIST_ID': 1 }): user = UserFactory.create() user_id = user.id brand = 'PYBOSSA' subject = '[%s]: Your account has been deleted' % brand body = """Hi,\nYour account and personal data has been deleted from %s.""" % brand recipients = [user.email_addr, '*****@*****.**'] mail_dict = dict(recipients=recipients, subject=subject, body=body) mailchimp.side_effect = [ FakeResponse(text=json.dumps(dict(status=204)), json=lambda: '', status_code=204) ] delete_account(user.id) Message.assert_called_once_with(**mail_dict) mail.send.assert_called_once_with(Message()) user = user_repo.get(user_id) assert user is None
def test_get_inactive_users_returns_jobs(self): """Test JOB get inactive users returns a list of jobs.""" today = datetime.datetime.today() old_date = today - datetime.timedelta(days=120) date_str = old_date.strftime('%Y-%m-%dT%H:%M:%S.%f') one_year = today - datetime.timedelta(days=365) one_year_str = one_year.strftime('%Y-%m-%dT%H:%M:%S.%f') user = UserFactory.create() # 3 months old contribution tr = TaskRunFactory.create(finish_time=date_str) # 1 year old contribution TaskRunFactory.create(finish_time=one_year_str) # User with a contribution from a long time ago TaskRunFactory.create(finish_time="2010-08-08T18:23:45.714110", user=user) # User with a recent contribution TaskRunFactory.create(user=user) user = user_repo.get(tr.user_id) jobs_generator = get_inactive_users_jobs() jobs = [] for job in jobs_generator: jobs.append(job) msg = "There should be one job." print jobs assert len(jobs) == 1, msg job = jobs[0] args = job['args'][0] assert job['queue'] == 'quaterly', job['queue'] assert len(args['recipients']) == 1 assert args['recipients'][0] == user.email_addr, args['recipients'][0] assert "UNSUBSCRIBE" in args['body'] assert "Update" in args['html']
def projects(name): """ List user's project list. Returns a Jinja2 template with the list of projects of the user. """ user = user_repo.get_by_name(name) if not user: return abort(404) if current_user.name != name: return abort(403) user = user_repo.get(current_user.id) args = get_project_browse_args(request.args) projects_published, projects_draft = _get_user_projects(user.id, args) sort_options = { "columns": { "entries": columns, "id": "project-column-selection", "current_selection": args["column"] }, "directions": { "entries": directions, "id": "project-dir-selection", "current_selection": args["order"] } } return render_template('account/projects.html', title=gettext("Projects"), projects_published=projects_published, projects_draft=projects_draft, sort_options=sort_options)
def newsletter_subscribe(): """ Register method for subscribing user to PyBossa newsletter. Returns a Jinja2 template """ # Save that we've prompted the user to sign up in the newsletter if newsletter.is_initialized() and current_user.is_authenticated(): next_url = request.args.get('next') or url_for('home.home') user = user_repo.get(current_user.id) if current_user.newsletter_prompted is False: user.newsletter_prompted = True user_repo.update(user) if request.args.get('subscribe') == 'True': newsletter.subscribe_user(user) flash("You are subscribed to our newsletter!") return redirect(next_url) elif request.args.get('subscribe') == 'False': return redirect(next_url) else: return render_template('account/newsletter.html', title=gettext("Subscribe to our Newsletter"), next=next_url) else: return abort(404)
def delete_account(user_id, admin_addr, **kwargs): """Delete user account from the system.""" from pybossa.core import (user_repo, uploader) user = user_repo.get(user_id) container = "user_%s" % user.id if user.info.get('avatar'): uploader.delete_file(user.info['avatar'], container) email = user.email_addr if current_app.config.get('MAILCHIMP_API_KEY'): from pybossa.core import newsletter newsletter.init_app(current_app) mailchimp_deleted = newsletter.delete_user(email) else: mailchimp_deleted = True brand = current_app.config.get('BRAND') user_repo.delete_data(user) subject = '[%s]: Your account has been deleted' % brand body = """Hi,\n Your account and personal data has been deleted from %s.""" % brand if not mailchimp_deleted: body += '\nWe could not delete your Mailchimp account, please contact us to fix this issue.' if current_app.config.get('DISQUS_SECRET_KEY'): body += '\nDisqus does not provide an API method to delete your account. You will have to do it by hand yourself in the disqus.com site.' recipients = [email] bcc = [admin_addr] mail_dict = dict(recipients=recipients, bcc=bcc, subject=subject, body=body) send_mail(mail_dict, mail_all=True)
def test_send_mail_creates_message_mailchimp_disquss(self, mailchimp, Message, mail): with patch.dict(self.flask_app.config, {'MAILCHIMP_API_KEY': 'k-3', 'MAILCHIMP_LIST_ID': 1, 'DISQUS_SECRET_KEY': 'key'}): user = UserFactory.create() user_id = user.id brand = 'PYBOSSA' subject = '[%s]: Your account has been deleted' % brand body = """Hi,\n Your account and personal data has been deleted from %s.""" % brand body += '\nDisqus does not provide an API method to delete your account. You will have to do it by hand yourself in the disqus.com site.' admin_addr = '*****@*****.**' recipients = [user.email_addr] + current_app.config.get('ADMINS', []) mail_dict = dict(recipients=recipients, subject=subject, body=body, bcc=[admin_addr]) user_old = user.dictize() mailchimp.side_effect = [FakeResponse(text=json.dumps(dict(status=204)), json=lambda : '', status_code=204)] delete_account(user.id, admin_addr) Message.assert_called_once_with(**mail_dict) mail.send.assert_called_once_with(Message()) user_new = user_repo.get(user_id) assert user_new.name != user_old['name'] assert user_new.fullname != user_old['fullname'] assert user_new.email_addr != user_old['email_addr'] assert not user_new.info assert not user_new.user_pref
def confirm_email(): """Send email to confirm user email.""" acc_conf_dis = current_app.config.get('ACCOUNT_CONFIRMATION_DISABLED') if acc_conf_dis: return abort(404) if current_user.valid_email is False: user = user_repo.get(current_user.id) account = dict(fullname=current_user.fullname, name=current_user.name, email_addr=current_user.email_addr) confirm_url = get_email_confirmation_url(account) subject = ('Verify your email in %s' % current_app.config.get('BRAND')) msg = dict(subject=subject, recipients=[current_user.email_addr], body=render_template('/account/email/validate_email.md', user=account, confirm_url=confirm_url)) msg['html'] = render_template('/account/email/validate_email.html', user=account, confirm_url=confirm_url) mail_queue.enqueue(send_mail, msg) msg = gettext("An e-mail has been sent to \ validate your e-mail address.") flash(msg, 'info') user.confirmation_email_sent = True user_repo.update(user) return redirect_content_type(url_for('.profile', name=current_user.name))
def add_subadmin(user_id=None): """Add subadmin flag for user_id.""" try: if user_id: user = user_repo.get(user_id) if not user: return format_error('User not found', 404) if not user.enabled: markup = Markup('<strong>{}</strong> {} <strong>{}</strong>') flash( markup.format(gettext('User account '), user.fullname, gettext(' is disabled'))) return redirect(url_for(".subadminusers")) if not can_have_super_user_access(user): markup = Markup('<strong>{} {}</strong> {} {}') flash( markup.format(gettext('Denied subadmin privileges to'), user.fullname, user.email_addr, 'disqualify for subadmin access.')) return redirect_content_type(url_for(".subadminusers")) ensure_authorized_to('update', user) user.subadmin = True user_repo.update(user) msg = generate_invitation_email_for_admins_subadmins( user, "Subadmin") if msg: mail_queue.enqueue(send_mail, msg) return redirect(url_for(".subadminusers")) except Exception as e: # pragma: no cover current_app.logger.error(e) return abort(500)
def newsletter_subscribe(): """ Register method for subscribing user to PYBOSSA newsletter. Returns a Jinja2 template """ # Save that we've prompted the user to sign up in the newsletter if newsletter.is_initialized() and current_user.is_authenticated(): next_url = request.args.get('next') or url_for('home.home') user = user_repo.get(current_user.id) if current_user.newsletter_prompted is False: user.newsletter_prompted = True user_repo.update(user) if request.args.get('subscribe') == 'True': newsletter.subscribe_user(user) flash("You are subscribed to our newsletter!", 'success') return redirect_content_type(next_url) elif request.args.get('subscribe') == 'False': return redirect_content_type(next_url) else: response = dict(template='account/newsletter.html', title=gettext("Subscribe to our Newsletter"), next=next_url) return handle_content_type(response) else: return abort(404)
def newsletter_subscribe(): """ Register method for subscribing user to PyBossa newsletter. Returns a Jinja2 template """ # Save that we've prompted the user to sign up in the newsletter if newsletter.app and current_user.is_authenticated(): next_url = request.args.get('next') or url_for('home.home') user = user_repo.get(current_user.id) if current_user.newsletter_prompted is False: user.newsletter_prompted = True user_repo.update(user) if request.args.get('subscribe') == 'True': newsletter.subscribe_user(user) flash("You are subscribed to our newsletter!") return redirect(next_url) elif request.args.get('subscribe') == 'False': return redirect(next_url) else: return render_template( 'account/newsletter.html', title=gettext("Subscribe to our Newsletter"), next=next_url) else: return abort(404)
def test_webhook_handler_all(self, q): """Test WEBHOOK requeing all works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user, webhook='server') task = TaskFactory.create(project=project, n_answers=1) AnonymousTaskRunFactory.create(project=project, task=task) payload = self.payload(project, task) wh1 = Webhook(project_id=project.id, payload=payload, response='error', response_status_code=500) webhook_repo.save(wh1) wh2 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh2) wh3 = Webhook(project_id=project.id, payload=payload, response='ok', response_status_code=200) webhook_repo.save(wh3) whs = webhook_repo.filter_by(project_id=project.id) url = "/project/%s/webhook?all=true" % (project.short_name) res = self.app.get(url) assert res.status_code == 200, res.status_code calls = [] for w in whs: calls.append(call(webhook, project.webhook, w.payload, w.id, True)) q.assert_has_calls(calls)
def test_send_mail_creates_message_mailchimp_disquss( self, mailchimp, Message, mail): with patch.dict( self.flask_app.config, { 'MAILCHIMP_API_KEY': 'k-3', 'MAILCHIMP_LIST_ID': 1, 'DISQUS_SECRET_KEY': 'key' }): user = UserFactory.create() user_id = user.id brand = 'PYBOSSA' subject = '[%s]: Your account has been deleted' % brand body = """Hi,\n Your account and personal data has been deleted from the %s.""" % brand body += '\nDisqus does not provide an API method to delete your account. You will have to do it by hand yourself in the disqus.com site.' recipients = [user.email_addr, '*****@*****.**'] mail_dict = dict(recipients=recipients, subject=subject, body=body) mailchimp.side_effect = [ FakeResponse(text=json.dumps(dict(status=204)), json=lambda: '', status_code=204) ] delete_account(user.id) Message.assert_called_once_with(**mail_dict) mail.send.assert_called_once_with(Message()) user = user_repo.get(user_id) assert user is None
def test_project_report_delete_existing_report(self, mock_zip_exists): """Test project report is generated with deleting existing report zip""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True)
def test_project_report_delete_existing_report(self, mock_zip_exists): """Test project report is generated with deleting existing report zip""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True)
def test_admin_owner_can_access_project_report(self): """Test admin can access project report""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 200, res.data
def test_project_report_no_zip_without_uploader(self, mock_no_up): """Test project report does not returns zip with no uploader instance """ self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 500, res.data
def test_admin_owner_can_access_project_report_with_params(self): """Test project report works when accessed with correct params""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 200, res.data
def test_project_report_with_bad_params_results_404(self): """Test project report accessed with incorrect params returns 404""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?badparam=badval' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 404, res.data
def test_project_report_with_bad_format_results_415(self): """Test project report accessed with bad format returns 415""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=badfmt' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 415, res.data
def test_project_report_no_zip_without_uploader(self, mock_no_up): """Test project report does not returns zip with no uploader instance """ self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 500, res.data
def test_admin_owner_can_access_project_report_with_params(self): """Test project report works when accessed with correct params""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 200, res.data
def test_admin_owner_can_access_project_report(self): """Test admin can access project report""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 200, res.data
def test_project_report_with_bad_format_results_415(self): """Test project report accessed with bad format returns 415""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=project&format=badfmt' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 415, res.data
def test_project_report_with_bad_params_results_404(self): """Test project report accessed with incorrect params returns 404""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?badparam=badval' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 404, res.data
def test_project_report_with_bad_type_results_404(self): """Test project report accessed with bad type returns 404""" self.register() self.signin() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export?type=badtype&format=csv' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 404, res.data
def test_project_report_delete_existing_report(self, mock_os_remove): """Test project report is generated with deleting existing report zip""" self.register() self.signin() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = '/project/%s/projectreport/export' % project.short_name res = self.app.post(url) assert mock_os_remove.called
def wallet(name): user = user_repo.get_by_name(name) if not user: return abort(404) if current_user.name != name: return abort(403) user = user_repo.get(current_user.id) response = dict(template='account/wallet.html', title=gettext("Wallet")) return handle_content_type(response)
def test_webhook_handler_auth(self): """Test WEBHOOK view works for authenticated not owner.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) self.signout() res = self.register(name="juan") url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 403, res.status_code
def test_stream_uri_private_owner(self, mock_response, mock_sse): """Test stream URI private owner works.""" mock_sse.return_value = self.fake_sse_response self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name self.app.get(private_uri, follow_redirects=True) assert mock_sse.called assert mock_sse.called_once_with(project.short_name, 'private')
def test_get_non_contrib_users_jobs_with_users(self): """Test JOB get with users returns empty list.""" TaskRunFactory.create() user = user_repo.get(1) jobs = get_non_contributors_users_jobs() msg = "There should not be any job." assert len(jobs) == 1, msg job = jobs[0] args = job['args'][0] assert args['recipients'][0] == user.email_addr, args['recipients'][1]
def test_stream_uri_private_owner_404(self): """Test stream URI private return 404 when SSE disabled for owner works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name with patch.dict(self.flask_app.config, {'SSE': False}): res = self.app.get(private_uri, follow_redirects=True) assert res.status_code == 404
def test_webhook_handler_owner(self): """Test WEBHOOK view works for owner.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data
def test_stream_uri_private_auth(self): """Test stream URI private auth but not owner works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) self.signout() self.register(fullname='Juan', name='juan', password='******') private_uri = '/project/%s/privatestream' % project.short_name res = self.app.get(private_uri, follow_redirects=True) assert res.status_code == 403, res.data
def test_stream_uri_private_auth(self): """Test stream URI private auth but not owner works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) self.signout() self.register(fullname='Juan', name='juan', password='******') private_uri = '/project/%s/privatestream' % project.short_name res = self.app.get(private_uri, follow_redirects=True) assert res.status_code == 403, res.data
def test_webhook_handler_owner(self): """Test WEBHOOK view works for owner.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 200, res.status_code assert "Created" in res.data assert "Payload" in res.data
def test_webhook_handler_auth(self): """Test WEBHOOK view works for authenticated not owner.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) self.signout() res = self.register(name="juan") url = "/project/%s/webhook" % project.short_name res = self.app.get(url) assert res.status_code == 403, res.status_code
def test_stream_uri_private_owner_404(self): """Test stream URI private return 404 when SSE disabled for owner works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name with patch.dict(self.flask_app.config, {'SSE': False}): res = self.app.get(private_uri, follow_redirects=True) assert res.status_code == 404
def test_stream_uri_private_owner(self, mock_response, mock_sse): """Test stream URI private owner works.""" mock_sse.return_value = self.fake_sse_response self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name self.app.get(private_uri, follow_redirects=True) assert mock_sse.called assert mock_sse.called_once_with(project.short_name, 'private')
def test_nonadmin_noncoowner_access_project_report_results_403(self): """Test nonadmin noncoowner accessing project report returns 403""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) self.signout() self.register(fullname='Juan', name='juan', password='******') self.signin(email="*****@*****.**", password='******') url = '/project/%s/projectreport/export' % project.short_name res = self.app.get(url, follow_redirects=True) assert res.status_code == 403, res.data
def test_newsletter_subscribe(self, newsletter): """Test NEWSLETTER view subcribe works.""" newsletter.is_initialized.return_value = True newsletter.ask_user_to_subscribe.return_value = True self.register() res = self.app.get("/account/newsletter?subscribe=True", follow_redirects=True) err_msg = "User should be subscribed" user = user_repo.get(1) assert "You are subscribed" in res.data, err_msg assert newsletter.subscribe_user.called, err_msg newsletter.subscribe_user.assert_called_with(user)
def test_newsletter_subscribe_next(self, newsletter): """Test NEWSLETTER view subscribe next works.""" newsletter.app = True self.register() next_url = '%2Faccount%2Fjohndoe%2Fupdate' url ='/account/newsletter?subscribe=True&next=%s' % next_url res = self.app.get(url, follow_redirects=True) err_msg = "User should be subscribed" user = user_repo.get(1) assert "You are subscribed" in res.data, err_msg assert newsletter.subscribe_user.called, err_msg newsletter.subscribe_user.assert_called_with(user) assert "Update" in res.data, res.data
def test_get_non_contrib_users_jobs_with_users(self): """Test JOB get with users returns empty list.""" TaskRunFactory.create() user = user_repo.get(1) jobs_generator = get_non_contributors_users_jobs() jobs = [] for job in jobs_generator: jobs.append(job) msg = "There should not be any job." assert len(jobs) == 1, msg job = jobs[0] args = job['args'][0] assert args['recipients'][0] == user.email_addr, args['recipients'][1]
def _handle_password_update(user, password_form): if password_form.validate_on_submit(): user = user_repo.get(user.id) if user.check_password(password_form.current_password.data): user.set_password(password_form.new_password.data) user_repo.update(user) flash(gettext('Yay, you changed your password succesfully!'), 'success') else: msg = gettext("Your current password doesn't match the " "one in our records") flash(msg, 'error') else: flash(gettext('Please correct the errors'), 'error')
def test_webhook_handler_post_oid_404(self): """Test WEBHOOK post oid 404 works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) task = TaskFactory.create(project=project, n_answers=1) AnonymousTaskRunFactory.create(project=project, task=task) payload = self.payload(project, task) webhook = Webhook(project_id=project.id, payload=payload, response='OK', response_status_code=200) webhook_repo.save(webhook) url = "/project/%s/webhook/%s" % (project.short_name, 9999) res = self.app.post(url) assert res.status_code == 404, res.status_code
def export_userdata(user_id, **kwargs): from pybossa.core import user_repo, project_repo, task_repo, result_repo from flask import current_app, url_for json_exporter = JsonExporter() user = user_repo.get(user_id) user_data = user.dictize() del user_data['passwd_hash'] projects = project_repo.filter_by(owner_id=user.id) projects_data = [project.dictize() for project in projects] taskruns = task_repo.filter_task_runs_by(user_id=user.id) taskruns_data = [tr.dictize() for tr in taskruns] pdf = json_exporter._make_zip(None, '', 'personal_data', user_data, user_id, 'personal_data.zip') upf = json_exporter._make_zip(None, '', 'user_projects', projects_data, user_id, 'user_projects.zip') ucf = json_exporter._make_zip(None, '', 'user_contributions', taskruns_data, user_id, 'user_contributions.zip') upload_method = current_app.config.get('UPLOAD_METHOD') if upload_method == 'local': upload_method = 'uploads.uploaded_file' personal_data_link = url_for(upload_method, filename="user_%s/%s" % (user_id, pdf)) personal_projects_link = url_for(upload_method, filename="user_%s/%s" % (user_id, upf)) personal_contributions_link = url_for(upload_method, filename="user_%s/%s" % (user_id, ucf)) body = render_template('/account/email/exportdata.md', user=user.dictize(), personal_data_link=personal_data_link, personal_projects_link=personal_projects_link, personal_contributions_link=personal_contributions_link, config=current_app.config) html = render_template('/account/email/exportdata.html', user=user.dictize(), personal_data_link=personal_data_link, personal_projects_link=personal_projects_link, personal_contributions_link=personal_contributions_link, config=current_app.config) subject = 'Your personal data' mail_dict = dict(recipients=[user.email_addr], subject=subject, body=body, html=html) send_mail(mail_dict)
def test_get_inactive_users_returns_jobs_unsubscribed(self): """Test JOB get inactive users returns an empty list of jobs.""" tr = TaskRunFactory.create(finish_time="2010-07-07T17:23:45.714210") user = user_repo.get(tr.user_id) user.subscribed = False user_repo.update(user) jobs_generator = get_inactive_users_jobs() jobs = [] for job in jobs_generator: jobs.append(job) msg = "There should be zero jobs." assert len(jobs) == 0, msg
def test_get_non_contrib_users_returns_unsubscribed_jobs(self): """Test JOB get non contrib users returns a list of jobs.""" TaskRunFactory.create() user = user_repo.get(1) user.subscribed = False user_repo.update(user) jobs_generator = get_non_contributors_users_jobs() jobs = [] for job in jobs_generator: jobs.append(job) msg = "There should be zero jobs." assert len(jobs) == 0, msg
def test_stream_uri_private_admin_404(self): """Test stream URI private returns 404 when sse disabled for admin but not owner works.""" with patch.dict(self.flask_app.config, {'SSE': False}): self.register() self.signout() self.register(fullname="name", name="name") user = user_repo.get(2) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name self.signout() # Sign in as admin self.signin() res = self.app.get(private_uri, follow_redirects=True) assert res.status_code == 404
def add_admin(user_id=None): """Add admin flag for user_id.""" try: if user_id: user = user_repo.get(user_id) if user: ensure_authorized_to('update', user) user.admin = True user_repo.update(user) return redirect(url_for(".users")) else: msg = "User not found" return format_error(msg, 404) except Exception as e: # pragma: no cover current_app.logger.error(e) return abort(500)
def test_stream_uri_private_admin(self, mock_response, mock_sse): """Test stream URI private admin but not owner works.""" mock_sse.return_value = self.fake_sse_response self.register() self.signout() self.register(fullname="name", name="name") user = user_repo.get(2) project = ProjectFactory.create(owner=user) private_uri = '/project/%s/privatestream' % project.short_name self.signout() # Sign in as admin self.signin() res = self.app.get(private_uri, follow_redirects=True) assert mock_sse.called assert mock_sse.called_once_with(project.short_name, 'private') assert res.status_code == 200 assert res.data == self.fake_sse_response, res.data
def get_export_task_jobs(): """Export tasks to zip""" from pybossa.core import db, user_repo from pybossa.model.app import App apps = db.slave_session.query(App).all() # Append all ZIP generation for each app as a task jobs = [] for app_x in apps: checkuser = user_repo.get(app_x.owner_id) # Check if Pro User, if yes use a shorter schedule schedule_hours = 24 if checkuser.pro: schedule_hours = 4 jobs.append(dict(name = project_export, args = [app_x.id], kwargs={}, interval=(schedule_hours * HOUR), timeout = (10 * MINUTE))) return jobs
def test_new_user_gets_newsletter_only_once(self, newsletter): """Test NEWSLETTER user gets newsletter only once works.""" newsletter.app = True res = self.register() dom = BeautifulSoup(res.data) user = user_repo.get(1) err_msg = "There should be a newsletter page." assert dom.find(id='newsletter') is not None, err_msg assert dom.find(id='signmeup') is not None, err_msg assert dom.find(id='notinterested') is not None, err_msg assert user.newsletter_prompted is True, err_msg self.signout() res = self.signin() dom = BeautifulSoup(res.data) assert dom.find(id='newsletter') is None, err_msg assert dom.find(id='signmeup') is None, err_msg assert dom.find(id='notinterested') is None, err_msg
def test_webhook_handler_post_oid(self): """Test WEBHOOK post oid works.""" self.register() user = user_repo.get(1) project = ProjectFactory.create(owner=user) task = TaskFactory.create(project=project, n_answers=1) AnonymousTaskRunFactory.create(project=project, task=task) payload = self.payload(project, task) webhook = Webhook(project_id=project.id, payload=payload, response='OK', response_status_code=200) webhook_repo.save(webhook) webhook = webhook_repo.get(1) url = "/project/%s/webhook/%s" % (project.short_name, webhook.id) res = self.app.post(url) tmp = json.loads(res.data) assert res.status_code == 200, res.status_code assert tmp['payload']['project_short_name'] == project.short_name assert tmp['payload']['project_id'] == project.id assert tmp['payload']['task_id'] == task.id