def test_user_cannot_view_user_list(admin_client, user_client): """An unprivileged user should not be able to see private entries.""" post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) url = reverse("user-list", kwargs=V1) response = user_client.get(url, **HTTPS_KWARG) rjson = validate_response(response, status.HTTP_403_FORBIDDEN) assert "results" not in rjson
def test_admin_can_delete_all_entries(admin_client, user_client, alt_admin_client): # user schedule entry user_rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY) user_entry_name = user_rjson['name'] kws = {'pk': user_entry_name} kws.update(V1) user_url = reverse('schedule-detail', kwargs=kws) # admin user schedule entry alt_admin_rjson = post_schedule(alt_admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) alt_admin_entry_name = alt_admin_rjson['name'] kws = {'pk': alt_admin_entry_name} kws.update(V1) alt_admin_url = reverse('schedule-detail', kwargs=kws) response = admin_client.delete(user_url, **HTTPS_KWARG) validate_response(response, status.HTTP_204_NO_CONTENT) response = admin_client.delete(user_url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND) response = admin_client.delete(alt_admin_url, **HTTPS_KWARG) validate_response(response, status.HTTP_204_NO_CONTENT) response = admin_client.delete(alt_admin_url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND)
def test_user_cannot_view_private_entry_in_list(admin_client, user_client): """An unprivileged user should not be able to see private entries.""" post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) url = reverse('user-list', kwargs=V1) response = user_client.get(url, **HTTPS_KWARG) rjson = validate_response(response, status.HTTP_200_OK) admin_rjson = [user for user in rjson if user['username'] == 'admin'][0] assert admin_rjson['schedule_entries'] == []
def test_get_schedule(admin_client): url = reverse("schedule-list", kwargs=V1) rjson = validate_response(admin_client.get(url, **HTTPS_KWARG)) assert rjson["results"] == EMPTY_SCHEDULE_RESPONSE post_schedule(admin_client, TEST_SCHEDULE_ENTRY) rjson = validate_response(admin_client.get(url, **HTTPS_KWARG)) assert rjson["count"] == 1 expected_name = TEST_SCHEDULE_ENTRY["name"] actual_name = rjson["results"][0]["name"] assert expected_name == actual_name
def test_get_schedule(user_client): url = reverse('schedule-list', kwargs=V1) rjson = validate_response(user_client.get(url, **HTTPS_KWARG)) assert rjson == EMPTY_SCHEDULE_RESPONSE post_schedule(user_client, TEST_SCHEDULE_ENTRY) rjson = validate_response(user_client.get(url, **HTTPS_KWARG)) assert len(rjson) == 1 expected_name = TEST_SCHEDULE_ENTRY['name'] actual_name = rjson[0]['name'] assert expected_name == actual_name
def test_validate_only_does_not_modify_schedule_with_good_entry(user_client): """A good entry with validate_only should return 200 only.""" # Ensure that a 200 "OK" is returned from the validator entry = TEST_SCHEDULE_ENTRY.copy() entry["validate_only"] = True expected_status = status.HTTP_204_NO_CONTENT post_schedule(user_client, entry, expected_status=expected_status) # Ensure that the entry didn't make it into the schedule entry_name = entry["name"] url = reverse_detail_url(entry_name) response = user_client.get(url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND)
def test_validate_only_does_not_modify_schedule_with_bad_entry(user_client): """A bad entry with validate_only should return 400 only.""" # Ensure that a 400 "BAD REQUEST" is returned from the validator entry = TEST_SCHEDULE_ENTRY.copy() entry["interval"] = 1.5 # non-integer interval is invalid entry["validate_only"] = True expected_status = status.HTTP_400_BAD_REQUEST post_schedule(user_client, entry, expected_status=expected_status) # Ensure that the entry didn't make it into the schedule url = reverse_detail_url(entry["name"]) response = user_client.get(url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND)
def test_user_can_view_non_private_user_entries(user_client, alt_user_client): # alt user schedule entry alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY) alt_user_entry_name = alt_user_rjson["name"] alt_user_entry_url = reverse_detail_url(alt_user_entry_name) response = user_client.get(alt_user_entry_url, **HTTPS_KWARG) validate_response(response, status.HTTP_200_OK)
def test_user_can_view_non_private_admin_entries(admin_client, user_client): # admin user schedule entry admin_rjson = post_schedule(admin_client, TEST_ALTERNATE_SCHEDULE_ENTRY) admin_entry_name = admin_rjson["name"] admin_entry_url = reverse_detail_url(admin_entry_name) response = user_client.get(admin_entry_url, **HTTPS_KWARG) validate_response(response, status.HTTP_200_OK)
def create_task_results(n, admin_client, entry_name=None): # We need an entry in the schedule to create TRs for try: entry = ScheduleEntry.objects.get(name=entry_name) except Exception: test_entry = TEST_SCHEDULE_ENTRY if entry_name is not None: test_entry["name"] = entry_name rjson = post_schedule(admin_client, test_entry) entry_name = rjson["name"] entry = ScheduleEntry.objects.get(name=entry_name) for i in range(n): started = timezone.now() tr = TaskResult( schedule_entry=entry, task_id=i + 1, started=started, finished=started + ONE_MICROSECOND, duration=ONE_MICROSECOND, status="success", detail="", ) tr.max_disk_usage = TEST_MAX_DISK_USAGE tr.save() return entry_name
def test_get_existing_entry_details_returns_200(admin_client): """Requesting details of existing entry should return 200.""" rjson = post_schedule(admin_client, TEST_SCHEDULE_ENTRY) entry_name = rjson["name"] url = reverse_detail_url(entry_name) response = admin_client.get(url, **HTTPS_KWARG) validate_response(response, status.HTTP_200_OK)
def create_task_results(n, user_client, entry_name=None): # We need an entry in the schedule to create TRs for try: entry = ScheduleEntry.objects.get(name=entry_name) except Exception: test_entry = TEST_SCHEDULE_ENTRY if entry_name is not None: test_entry['name'] = entry_name rjson = post_schedule(user_client, test_entry) entry_name = rjson['name'] entry = ScheduleEntry.objects.get(name=entry_name) for i in range(n): started = timezone.now() tr = TaskResult(schedule_entry=entry, task_id=i + 1, started=started, finished=started + ONE_MICROSECOND, duration=ONE_MICROSECOND, result='success', detail='') tr.max_results = TEST_MAX_TASK_RESULTS tr.save() return entry_name
def test_user_cannot_view_schedule_entry_detail(user_client, admin_client): admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) admin_entry_name = admin_rjson["name"] kws = {"pk": admin_entry_name} kws.update(V1) admin_url = reverse("schedule-detail", kwargs=kws) response = user_client.get(admin_url) rjson = validate_response(response, status.HTTP_403_FORBIDDEN) assert rjson != EMPTY_SCHEDULE_RESPONSE
def test_user_cannot_post_private_schedule(user_client): """Unpriveleged users should not be able to create private entries.""" rjson = post_schedule(user_client, TEST_PRIVATE_SCHEDULE_ENTRY) entry_name = rjson["name"] url = reverse_detail_url(entry_name) response = user_client.get(url, **HTTPS_KWARG) assert not rjson["is_private"] validate_response(response, status.HTTP_200_OK) assert not response.data["is_private"]
def test_user_cannot_view_private_entry_details(admin_client, user_client): """A user attempting to access a private entry should receive 404.""" # Private indicates admin wants users to be unaware that the entry exists # on the system, hence 404 vs 403 (FORBIDDEN). rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) entry_name = rjson["name"] url = reverse_detail_url(entry_name) response = user_client.get(url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND)
def test_private_schedule_entry_is_private(admin_client, user_client): rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) entry_name = rjson["name"] entry_url = reverse_detail_url(entry_name) user_response = user_client.get(entry_url, **HTTPS_KWARG) admin_user_response = admin_client.get(entry_url, **HTTPS_KWARG) validate_response(user_response, status.HTTP_404_NOT_FOUND) validate_response(admin_user_response, status.HTTP_200_OK)
def test_entry_posted_to_schedule_is_immediately_available(admin_client): rjson = post_schedule(admin_client, TEST_SCHEDULE_ENTRY) entry_name = rjson["name"] entry_url = reverse_detail_url(entry_name) user_response = admin_client.get(entry_url, **HTTPS_KWARG) for k, v in TEST_SCHEDULE_ENTRY.items(): assert rjson[k] == v validate_response(user_response, status.HTTP_200_OK)
def test_user_cannot_modify_any_other_entry(admin_client, user_client, alt_user_client): # alt user schedule entry alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY) alt_user_entry_name = alt_user_rjson["name"] user_adjust_alt_user_response = update_schedule( user_client, alt_user_entry_name, TEST_PRIVATE_SCHEDULE_ENTRY) # admin user schedule entry admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) admin_entry_name = admin_rjson["name"] user_adjust_admin_response = update_schedule(user_client, admin_entry_name, TEST_SCHEDULE_ENTRY) validate_response(user_adjust_alt_user_response, status.HTTP_403_FORBIDDEN) # Admin's entry is private, hence 404 instead of 403 validate_response(user_adjust_admin_response, status.HTTP_404_NOT_FOUND)
def test_user_can_modify_their_entry(user_client): rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY) entry_name = rjson["name"] user_adjust_response = update_schedule(user_client, entry_name, TEST_ALTERNATE_SCHEDULE_ENTRY) validate_response(user_adjust_response, status.HTTP_200_OK) assert rjson["priority"] == 10 assert user_adjust_response.data["priority"] == 5
def simulate_multirec_acquisition(client, is_private=False, name=None): schedule_entry = SINGLE_MULTI_RECORDING_ACQUISITION.copy() schedule_entry["is_private"] = is_private if name is not None: schedule_entry["name"] = name entry = post_schedule(client, schedule_entry) simulate_scheduler_run() return entry["name"]
def test_admin_can_modify_all_entries(admin_client, alt_admin_client): # admin user schedule entry alt_admin_rjson = post_schedule(alt_admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) alt_admin_entry_name = alt_admin_rjson["name"] admin_adjust_alt_admin_response = update_schedule(admin_client, alt_admin_entry_name, TEST_SCHEDULE_ENTRY) validate_response(admin_adjust_alt_admin_response, status.HTTP_200_OK)
def test_detector(user_client, rf): # Put an entry in the schedule that we can refer to rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY) entry_name = rjson['name'] task_id = rjson['next_task_id'] # use mock_acquire set up in conftest.py by_name['mock_acquire'](entry_name, task_id) acquistion = Acquisition.objects.get(task_id=task_id) sigmf_metadata = acquistion.sigmf_metadata assert sigmf_validate(sigmf_metadata)
def test_admin_can_view_all_entries(admin_client, alt_admin_client): # alt admin user schedule entry alt_admin_rjson = post_schedule(alt_admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) alt_admin_entry_name = alt_admin_rjson["name"] kws = {"pk": alt_admin_entry_name} kws.update(V1) alt_admin_url = reverse("schedule-detail", kwargs=kws) response = admin_client.get(alt_admin_url, **HTTPS_KWARG) validate_response(response, status.HTTP_200_OK)
def test_user_cannot_delete_any_other_entry(admin_client, user_client, alt_user_client): # alt user schedule entry alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY) alt_user_entry_name = alt_user_rjson["name"] alt_user_entry_url = reverse_detail_url(alt_user_entry_name) user_delete_alt_user_response = user_client.delete(alt_user_entry_url, **HTTPS_KWARG) # admin user schedule entry admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) admin_entry_name = admin_rjson["name"] admin_entry_url = reverse_detail_url(admin_entry_name) user_delete_admin_response = user_client.delete(admin_entry_url, **HTTPS_KWARG) validate_response(user_delete_alt_user_response, status.HTTP_403_FORBIDDEN) # Admin's entry is private, hence 404 instead of 403 validate_response(user_delete_admin_response, status.HTTP_404_NOT_FOUND)
def test_user_can_delete_their_entry(user_client): rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY) entry_name = rjson["name"] entry_url = reverse_detail_url(entry_name) # First attempt to delete should return 204 response = user_client.delete(entry_url, **HTTPS_KWARG) validate_response(response, status.HTTP_204_NO_CONTENT) # Second attempt to delete should return 404 response = user_client.delete(entry_url, **HTTPS_KWARG) validate_response(response, status.HTTP_404_NOT_FOUND)
def test_admin_can_use_negative_priority(admin_client): hipri = TEST_PRIVATE_SCHEDULE_ENTRY.copy() hipri["priority"] = -20 rjson = post_schedule(admin_client, hipri) entry_name = rjson["name"] kws = {"pk": entry_name} kws.update(V1) entry_url = reverse("schedule-detail", kwargs=kws) admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG) assert rjson["priority"] == -20 validate_response(admin_user_respose, status.HTTP_200_OK)
def test_admin_can_modify_all_entries(admin_client, user_client, alt_admin_client): # user schedule entry user_rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY) user_entry_name = user_rjson['name'] admin_adjust_user_response = update_schedule(admin_client, user_entry_name, TEST_PRIVATE_SCHEDULE_ENTRY) # admin user schedule entry alt_admin_rjson = post_schedule(alt_admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) alt_admin_entry_name = alt_admin_rjson['name'] admin_adjust_alt_admin_response = update_schedule( admin_client, alt_admin_entry_name, TEST_SCHEDULE_ENTRY) validate_response(admin_adjust_user_response, status.HTTP_200_OK) assert admin_adjust_user_response.data['is_private'] validate_response(admin_adjust_alt_admin_response, status.HTTP_200_OK) assert not admin_adjust_alt_admin_response.data['is_private']
def simulate_acquisitions(client, schedule_entry, n=1, name=None): assert 0 < n <= 10 if n > 1: schedule_entry["relative_stop"] = n if name is not None: schedule_entry["name"] = name entry = post_schedule(client, schedule_entry) simulate_scheduler_run(n) return entry["name"]
def test_admin_can_use_negative_priority(admin_client): hipri = TEST_PRIVATE_SCHEDULE_ENTRY.copy() hipri['priority'] = -20 rjson = post_schedule(admin_client, hipri) entry_name = rjson['name'] kws = {'pk': entry_name} kws.update(V1) entry_url = reverse('schedule-detail', kwargs=kws) admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG) assert rjson['priority'] == -20 validate_response(admin_user_respose, status.HTTP_200_OK) assert admin_user_respose.data['is_private']
def test_post_admin_private_schedule(admin_client): rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY) entry_name = rjson['name'] kws = {'pk': entry_name} kws.update(V1) entry_url = reverse('schedule-detail', kwargs=kws) admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG) for k, v in TEST_PRIVATE_SCHEDULE_ENTRY.items(): assert rjson[k] == v assert rjson['is_private'] validate_response(admin_user_respose, status.HTTP_200_OK) assert admin_user_respose.data['is_private']