class TestMustBeContributorDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.project = ProjectFactory()
self.project.add_contributor(self.contrib, auth=Auth(self.project.creator))
self.project.save()
def test_must_be_contributor_when_user_is_contributor(self):
result = view_that_needs_contributor(
pid=self.project._primary_key,
api_key=self.contrib.auth[1],
api_node=self.project,
user=self.contrib)
assert_equal(result, self.project)
def test_must_be_contributor_when_user_is_not_contributor_raises_error(self):
non_contributor = AuthUserFactory()
with assert_raises(HTTPError):
view_that_needs_contributor(
pid=self.project._primary_key,
api_key=non_contributor.auth[1],
api_node=non_contributor.auth[1],
user=non_contributor
)
def test_must_be_contributor_no_user(self):
res = view_that_needs_contributor(
pid=self.project._primary_key,
user=None,
api_key='123',
api_node='abc',
)
assert_is_redirect(res)
redirect_url = res.headers['Location']
assert_equal(redirect_url, '/login/?next=/')
def test_must_be_contributor_parent_admin(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
res = view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
self.project.set_permissions(self.project.creator, ['read', 'write'])
self.project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(exc_info.exception.code, 403)
class TestMustBeContributorDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.project = ProjectFactory()
self.project.add_contributor(self.contrib,
auth=Auth(self.project.creator))
self.project.save()
def test_must_be_contributor_when_user_is_contributor(self):
result = view_that_needs_contributor(pid=self.project._primary_key,
api_key=self.contrib.auth[1],
api_node=self.project,
user=self.contrib)
assert_equal(result, self.project)
def test_must_be_contributor_when_user_is_not_contributor_raises_error(
self):
non_contributor = AuthUserFactory()
with assert_raises(HTTPError):
view_that_needs_contributor(pid=self.project._primary_key,
api_key=non_contributor.auth[1],
api_node=non_contributor.auth[1],
user=non_contributor)
def test_must_be_contributor_no_user(self):
res = view_that_needs_contributor(
pid=self.project._primary_key,
user=None,
api_key='123',
api_node='abc',
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_parent_admin(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
res = view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
self.project.set_permissions(self.project.creator, ['read', 'write'])
self.project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(exc_info.exception.code, 403)
class TestMustBeContributorOrPublicButNotAnonymizedDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorOrPublicButNotAnonymizedDecorator,
self).setUp()
self.contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
admin = UserFactory()
self.public_project = ProjectFactory(is_public=True)
self.public_project.add_contributor(
admin,
auth=Auth(self.public_project.creator),
permissions=['read', 'write', 'admin'])
self.private_project = ProjectFactory(is_public=False)
self.private_project.add_contributor(
admin,
auth=Auth(self.private_project.creator),
permissions=['read', 'write', 'admin'])
self.public_project.add_contributor(self.contrib,
auth=Auth(
self.public_project.creator))
self.private_project.add_contributor(self.contrib,
auth=Auth(
self.private_project.creator))
self.public_project.save()
self.private_project.save()
self.anonymized_link_to_public_project = PrivateLinkFactory(
anonymous=True)
self.anonymized_link_to_private_project = PrivateLinkFactory(
anonymous=True)
self.anonymized_link_to_public_project.nodes.append(
self.public_project)
self.anonymized_link_to_public_project.save()
self.anonymized_link_to_private_project.nodes.append(
self.private_project)
self.anonymized_link_to_private_project.save()
self.flaskapp = Flask('Testing decorator')
@self.flaskapp.route('/project/<pid>/')
@must_be_contributor_or_public_but_not_anonymized
def project_get(**kwargs):
return 'success', 200
self.app = TestApp(self.flaskapp)
def test_must_be_contributor_when_user_is_contributor_and_public_project(
self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key, user=self.contrib)
assert_equal(result, self.public_project)
def test_must_be_contributor_when_user_is_not_contributor_and_public_project(
self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key, user=self.non_contrib)
assert_equal(result, self.public_project)
def test_must_be_contributor_when_user_is_contributor_and_private_project(
self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key, user=self.contrib)
assert_equal(result, self.private_project)
def test_must_be_contributor_when_user_is_not_contributor_and_private_project_raise_error(
self):
with assert_raises(HTTPError):
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key, user=self.non_contrib)
def test_must_be_contributor_no_user_and_public_project(self):
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key,
user=None,
)
assert_equal(res, self.public_project)
def test_must_be_contributor_no_user_and_private_project(self):
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_parent_admin_and_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_admin_and_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
self.public_project.set_permissions(self.public_project.creator,
['read', 'write'])
self.public_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(exc_info.exception.code, 403)
def test_must_be_contributor_parent_write_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
self.private_project.set_permissions(self.private_project.creator,
['read', 'write'])
self.private_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(exc_info.exception.code, 403)
@mock.patch('website.project.decorators.Auth.from_kwargs')
def test_decorator_does_allow_anonymous_link_public_project(
self, mock_from_kwargs):
mock_from_kwargs.return_value = Auth(user=None)
res = self.app.get(
'/project/{0}'.format(self.public_project._primary_key),
{'view_only': self.anonymized_link_to_public_project.key})
res = res.follow()
assert_equal(res.status_code, 200)
@mock.patch('website.project.decorators.Auth.from_kwargs')
def test_decorator_does_not_allow_anonymous_link_private_project(
self, mock_from_kwargs):
mock_from_kwargs.return_value = Auth(user=None)
res = self.app.get(
'/project/{0}'.format(self.private_project._primary_key),
{'view_only': self.anonymized_link_to_private_project.key})
res = res.follow(expect_errors=True)
assert_equal(res.status_code, 500)
class TestMustBeContributorDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
admin = UserFactory()
self.public_project = ProjectFactory(is_public=True)
self.public_project.add_contributor(
admin,
auth=Auth(self.public_project.creator),
permissions=['read', 'write', 'admin'])
self.private_project = ProjectFactory(is_public=False)
self.public_project.add_contributor(self.contrib,
auth=Auth(
self.public_project.creator))
self.private_project.add_contributor(self.contrib,
auth=Auth(
self.private_project.creator))
self.private_project.add_contributor(
admin,
auth=Auth(self.private_project.creator),
permissions=['read', 'write', 'admin'])
self.public_project.save()
self.private_project.save()
def test_must_be_contributor_when_user_is_contributor_and_public_project(
self):
result = view_that_needs_contributor(
pid=self.public_project._primary_key, user=self.contrib)
assert_equal(result, self.public_project)
@unittest.skip(
'Decorator function bug fails this test, skip until bug is fixed')
def test_must_be_contributor_when_user_is_not_contributor_and_public_project_raise_error(
self):
with assert_raises(HTTPError):
view_that_needs_contributor(pid=self.public_project._primary_key,
user=self.non_contrib)
def test_must_be_contributor_when_user_is_contributor_and_private_project(
self):
result = view_that_needs_contributor(
pid=self.private_project._primary_key, user=self.contrib)
assert_equal(result, self.private_project)
def test_must_be_contributor_when_user_is_not_contributor_and_private_project_raise_error(
self):
with assert_raises(HTTPError):
view_that_needs_contributor(pid=self.private_project._primary_key,
user=self.non_contrib)
def test_must_be_contributor_no_user_and_public_project_redirect(self):
res = view_that_needs_contributor(
pid=self.public_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_no_user_and_private_project_redirect(self):
res = view_that_needs_contributor(
pid=self.private_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_parent_admin_and_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
res = view_that_needs_contributor(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_admin_and_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
res = view_that_needs_contributor(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
self.public_project.set_permissions(self.public_project.creator,
['read', 'write'])
self.public_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(exc_info.exception.code, 403)
def test_must_be_contributor_parent_write_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
self.private_project.set_permissions(self.private_project.creator,
['read', 'write'])
self.private_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(exc_info.exception.code, 403)
class TestMustBeContributorOrPublicButNotAnonymizedDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorOrPublicButNotAnonymizedDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
admin = UserFactory()
self.public_project = ProjectFactory(is_public=True)
self.public_project.add_contributor(admin, auth=Auth(self.public_project.creator), permissions=['read', 'write', 'admin'])
self.private_project = ProjectFactory(is_public=False)
self.private_project.add_contributor(admin, auth=Auth(self.private_project.creator), permissions=['read', 'write', 'admin'])
self.public_project.add_contributor(self.contrib, auth=Auth(self.public_project.creator))
self.private_project.add_contributor(self.contrib, auth=Auth(self.private_project.creator))
self.public_project.save()
self.private_project.save()
self.anonymized_link_to_public_project = PrivateLinkFactory(anonymous=True)
self.anonymized_link_to_private_project = PrivateLinkFactory(anonymous=True)
self.anonymized_link_to_public_project.nodes.append(self.public_project)
self.anonymized_link_to_public_project.save()
self.anonymized_link_to_private_project.nodes.append(self.private_project)
self.anonymized_link_to_private_project.save()
self.flaskapp = Flask('Testing decorator')
@self.flaskapp.route('/project/<pid>/')
@must_be_contributor_or_public_but_not_anonymized
def project_get(**kwargs):
return 'success', 200
self.app = TestApp(self.flaskapp)
def test_must_be_contributor_when_user_is_contributor_and_public_project(self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key,
user=self.contrib)
assert_equal(result, self.public_project)
def test_must_be_contributor_when_user_is_not_contributor_and_public_project(self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key,
user=self.non_contrib)
assert_equal(result, self.public_project)
def test_must_be_contributor_when_user_is_contributor_and_private_project(self):
result = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key,
user=self.contrib)
assert_equal(result, self.private_project)
def test_must_be_contributor_when_user_is_not_contributor_and_private_project_raise_error(self):
with assert_raises(HTTPError):
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key,
user=self.non_contrib
)
def test_must_be_contributor_no_user_and_public_project(self):
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._primary_key,
user=None,
)
assert_equal(res, self.public_project)
def test_must_be_contributor_no_user_and_private_project(self):
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_parent_admin_and_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_admin_and_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
res = view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
self.public_project.set_permissions(self.public_project.creator, ['read', 'write'])
self.public_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(exc_info.exception.code, 403)
def test_must_be_contributor_parent_write_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
self.private_project.set_permissions(self.private_project.creator, ['read', 'write'])
self.private_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor_or_public_but_not_anonymized(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(exc_info.exception.code, 403)
@mock.patch('website.project.decorators.Auth.from_kwargs')
def test_decorator_does_allow_anonymous_link_public_project(self, mock_from_kwargs):
mock_from_kwargs.return_value = Auth(user=None)
res = self.app.get('/project/{0}'.format(self.public_project._primary_key),
{'view_only': self.anonymized_link_to_public_project.key})
res = res.follow()
assert_equal(res.status_code, 200)
@mock.patch('website.project.decorators.Auth.from_kwargs')
def test_decorator_does_not_allow_anonymous_link_private_project(self, mock_from_kwargs):
mock_from_kwargs.return_value = Auth(user=None)
res = self.app.get('/project/{0}'.format(self.private_project._primary_key),
{'view_only': self.anonymized_link_to_private_project.key})
res = res.follow(expect_errors=True)
assert_equal(res.status_code, 500)
class TestMustBeContributorDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
admin = UserFactory()
self.public_project = ProjectFactory(is_public=True)
self.public_project.add_contributor(admin, auth=Auth(self.public_project.creator), permissions=['read', 'write', 'admin'])
self.private_project = ProjectFactory(is_public=False)
self.public_project.add_contributor(self.contrib, auth=Auth(self.public_project.creator))
self.private_project.add_contributor(self.contrib, auth=Auth(self.private_project.creator))
self.private_project.add_contributor(admin, auth=Auth(self.private_project.creator), permissions=['read', 'write', 'admin'])
self.public_project.save()
self.private_project.save()
def test_must_be_contributor_when_user_is_contributor_and_public_project(self):
result = view_that_needs_contributor(
pid=self.public_project._primary_key,
user=self.contrib)
assert_equal(result, self.public_project)
@unittest.skip('Decorator function bug fails this test, skip until bug is fixed')
def test_must_be_contributor_when_user_is_not_contributor_and_public_project_raise_error(self):
with assert_raises(HTTPError):
view_that_needs_contributor(
pid=self.public_project._primary_key,
user=self.non_contrib
)
def test_must_be_contributor_when_user_is_contributor_and_private_project(self):
result = view_that_needs_contributor(
pid=self.private_project._primary_key,
user=self.contrib)
assert_equal(result, self.private_project)
def test_must_be_contributor_when_user_is_not_contributor_and_private_project_raise_error(self):
with assert_raises(HTTPError):
view_that_needs_contributor(
pid=self.private_project._primary_key,
user=self.non_contrib
)
def test_must_be_contributor_no_user_and_public_project_redirect(self):
res = view_that_needs_contributor(
pid=self.public_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_no_user_and_private_project_redirect(self):
res = view_that_needs_contributor(
pid=self.private_project._primary_key,
user=None,
)
assert_is_redirect(res)
# redirects to login url
redirect_url = res.headers['Location']
login_url = cas.get_login_url(service_url='http://localhost/')
assert_equal(redirect_url, login_url)
def test_must_be_contributor_parent_admin_and_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
res = view_that_needs_contributor(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_admin_and_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
res = view_that_needs_contributor(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write_public_project(self):
user = UserFactory()
node = NodeFactory(parent=self.public_project, creator=user)
self.public_project.set_permissions(self.public_project.creator, ['read', 'write'])
self.public_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.public_project._id,
nid=node._id,
user=self.public_project.creator,
)
assert_equal(exc_info.exception.code, 403)
def test_must_be_contributor_parent_write_private_project(self):
user = UserFactory()
node = NodeFactory(parent=self.private_project, creator=user)
self.private_project.set_permissions(self.private_project.creator, ['read', 'write'])
self.private_project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.private_project._id,
nid=node._id,
user=self.private_project.creator,
)
assert_equal(exc_info.exception.code, 403)
