class TestPublicNodes(SearchTestCase):
def setUp(self):
super(TestPublicNodes, self).setUp()
self.user = UserFactory(usename='Doug Bogie')
self.title = 'Red Special'
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(
title=self.title,
creator=self.user,
is_public=True,
)
self.component = NodeFactory(parent=self.project,
title=self.title,
creator=self.user,
is_public=True)
self.registration = ProjectFactory(title=self.title,
creator=self.user,
is_public=True,
is_registration=True)
def test_make_private(self):
# Make project public, then private, and verify that it is not present
# in search.
self.project.set_privacy('private')
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.component.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_public_parent_title(self):
self.project.set_title('hello & world', self.consolidate_auth)
self.project.save()
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], 'hello & world')
assert_true(docs[0]['parent_url'])
def test_make_parent_private(self):
# Make parent of component, public, then private, and verify that the
# component still appears but doesn't link to the parent in search.
self.project.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], '-- private project --')
assert_false(docs[0]['parent_url'])
def test_delete_project(self):
self.component.remove_node(self.consolidate_auth)
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.project.remove_node(self.consolidate_auth)
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_change_title(self):
title_original = self.project.title
self.project.set_title('Blue Ordinary',
self.consolidate_auth,
save=True)
docs = query('category:project AND ' + title_original)['results']
assert_equal(len(docs), 0)
docs = query('category:project AND ' + self.project.title)['results']
assert_equal(len(docs), 1)
def test_add_tags(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
self.project.add_tag(tag, self.consolidate_auth, save=True)
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 1)
def test_remove_tag(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
self.project.remove_tag(tag, self.consolidate_auth, save=True)
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
def test_update_wiki(self):
"""Add text to a wiki page, then verify that project is found when
searching for wiki text.
"""
wiki_content = {'home': 'Hammer to fall', 'swag': '#YOLO'}
for key, value in wiki_content.items():
docs = query(value)['results']
assert_equal(len(docs), 0)
self.project.update_node_wiki(
key,
value,
self.consolidate_auth,
)
docs = query(value)['results']
assert_equal(len(docs), 1)
def test_clear_wiki(self):
# Add wiki text to page, then delete, then verify that project is not
# found when searching for wiki text.
wiki_content = 'Hammer to fall'
self.project.update_node_wiki(
'home',
wiki_content,
self.consolidate_auth,
)
self.project.update_node_wiki('home', '', self.consolidate_auth)
docs = query(wiki_content)['results']
assert_equal(len(docs), 0)
def test_add_contributor(self):
# Add a contributor, then verify that project is found when searching
# for contributor.
user2 = UserFactory(fullname='Adam Lambert')
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.add_contributor(user2, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 1)
def test_remove_contributor(self):
# Add and remove a contributor, then verify that project is not found
# when searching for contributor.
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2, save=True)
self.project.remove_contributor(user2, self.consolidate_auth)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
def test_hide_contributor(self):
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2)
self.project.set_visible(user2, False, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.set_visible(user2, True, save=True)
docs = query('category:project AND "{}"'.format(
user2.fullname))['results']
assert_equal(len(docs), 1)
def test_wrong_order_search(self):
title_parts = self.title.split(' ')
title_parts.reverse()
title_search = ' '.join(title_parts)
docs = query(title_search)['results']
assert_equal(len(docs), 3)
def test_tag_aggregation(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
docs = query(self.title)['tags']
assert len(docs) == 3
for doc in docs:
assert doc['key'] in tags
class TestPublicNodes(SearchTestCase):
def setUp(self):
super(TestPublicNodes, self).setUp()
self.user = UserFactory(usename='Doug Bogie')
self.title = 'Red Special'
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(
title=self.title,
creator=self.user,
is_public=True,
)
self.component = NodeFactory(
parent=self.project,
title=self.title,
creator=self.user,
is_public=True
)
self.registration = ProjectFactory(
title=self.title,
creator=self.user,
is_public=True,
is_registration=True
)
def test_make_private(self):
"""Make project public, then private, and verify that it is not present
in search.
"""
self.project.set_privacy('private')
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.component.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.registration.set_privacy('private')
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_public_parent_title(self):
self.project.set_title('hello & world', self.consolidate_auth)
self.project.save()
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], 'hello & world')
assert_true(docs[0]['parent_url'])
def test_make_parent_private(self):
"""Make parent of component, public, then private, and verify that the
component still appears but doesn't link to the parent in search.
"""
self.project.set_privacy('private')
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 1)
assert_equal(docs[0]['parent_title'], '-- private project --')
assert_false(docs[0]['parent_url'])
def test_delete_project(self):
"""
"""
self.component.remove_node(self.consolidate_auth)
docs = query('category:component AND ' + self.title)['results']
assert_equal(len(docs), 0)
self.project.remove_node(self.consolidate_auth)
docs = query('category:project AND ' + self.title)['results']
assert_equal(len(docs), 0)
def test_change_title(self):
"""
"""
title_original = self.project.title
self.project.set_title(
'Blue Ordinary', self.consolidate_auth, save=True)
docs = query('category:project AND ' + title_original)['results']
assert_equal(len(docs), 0)
docs = query('category:project AND ' + self.project.title)['results']
assert_equal(len(docs), 1)
def test_add_tags(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
self.project.add_tag(tag, self.consolidate_auth, save=True)
for tag in tags:
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 1)
def test_remove_tag(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
self.project.remove_tag(tag, self.consolidate_auth, save=True)
docs = query('tags:"{}"'.format(tag))['results']
assert_equal(len(docs), 0)
def test_update_wiki(self):
"""Add text to a wiki page, then verify that project is found when
searching for wiki text.
"""
wiki_content = {
'home': 'Hammer to fall',
'swag': '#YOLO'
}
for key, value in wiki_content.items():
docs = query(value)['results']
assert_equal(len(docs), 0)
self.project.update_node_wiki(
key, value, self.consolidate_auth,
)
docs = query(value)['results']
assert_equal(len(docs), 1)
def test_clear_wiki(self):
"""Add wiki text to page, then delete, then verify that project is not
found when searching for wiki text.
"""
wiki_content = 'Hammer to fall'
self.project.update_node_wiki(
'home', wiki_content, self.consolidate_auth,
)
self.project.update_node_wiki('home', '', self.consolidate_auth)
docs = query(wiki_content)['results']
assert_equal(len(docs), 0)
def test_add_contributor(self):
"""Add a contributor, then verify that project is found when searching
for contributor.
"""
user2 = UserFactory(fullname='Adam Lambert')
docs = query('category:project AND "{}"'.format(user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.add_contributor(user2, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))['results']
assert_equal(len(docs), 1)
def test_remove_contributor(self):
"""Add and remove a contributor, then verify that project is not found
when searching for contributor.
"""
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2, save=True)
self.project.remove_contributor(user2, self.consolidate_auth)
docs = query('category:project AND "{}"'.format(user2.fullname))['results']
assert_equal(len(docs), 0)
def test_hide_contributor(self):
user2 = UserFactory(fullname='Brian May')
self.project.add_contributor(user2)
self.project.set_visible(user2, False, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))['results']
assert_equal(len(docs), 0)
self.project.set_visible(user2, True, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))['results']
assert_equal(len(docs), 1)
def test_wrong_order_search(self):
title_parts = self.title.split(' ')
title_parts.reverse()
title_search = ' '.join(title_parts)
docs = query(title_search)['results']
assert_equal(len(docs), 3)
def test_tag_aggregation(self):
tags = ['stonecoldcrazy', 'just a poor boy', 'from-a-poor-family']
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
docs = query(self.title)['tags']
assert len(docs) == 3
for doc in docs:
assert doc['key'] in tags
class TestNodeContributorDelete(ApiTestCase):
def setUp(self):
super(TestNodeContributorDelete, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.user_three = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.user_two, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
self.url_user = '******'.format(API_BASE, self.project._id, self.user._id)
self.url_user_two = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_two._id)
self.url_user_three = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_three._id)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_contributor_admin(self):
res = self.app.delete(self.url_user_two, auth=self.user.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_contributor_non_admin_is_forbidden(self):
self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
res = self.app.delete(self.url_user_three, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_in(self.user_three, self.project.contributors)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_self_non_admin(self):
self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
res = self.app.delete(self.url_user_three, auth=self.user_three.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_remove_contributor_non_contributor(self):
res = self.app.delete(self.url_user_two, auth=self.user_three.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_in(self.user_two, self.project.contributors)
def test_remove_contributor_not_logged_in(self):
res = self.app.delete(self.url_user_two, expect_errors=True)
assert_equal(res.status_code, 401)
self.project.reload()
assert_in(self.user_two, self.project.contributors)
def test_remove_non_contributor_admin(self):
assert_not_in(self.user_three, self.project.contributors)
res = self.app.delete(self.url_user_three, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_remove_non_existing_user_admin(self):
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, 'fake')
res = self.app.delete(url_user_fake, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_self_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
res = self.app.delete(self.url_user, auth=self.user.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user, self.project.contributors)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_can_remove_self_as_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
res = self.app.delete(self.url_user_two, auth=self.user_two.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_contributor_unique_admin(self):
res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_in(self.user, self.project.contributors)
def test_can_not_remove_only_bibliographic_contributor(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
self.project.set_visible(self.user_two, False, save=True)
res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_in(self.user, self.project.contributors)
class TestNodeContributorUpdate(ApiTestCase):
def setUp(self):
super(TestNodeContributorUpdate, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.user_two, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
self.url_creator = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user._id)
self.url_contributor = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_two._id)
def test_node_update_invalid_data(self):
res = self.app.put_json_api(self.url_creator, "Incorrect data", auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
res = self.app.put_json_api(self.url_creator, ["Incorrect data"], auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
def test_change_contributor_no_id(self):
data = {
'data': {
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
def test_change_contributor_incorrect_id(self):
data = {
'data': {
'id': '12345',
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 409)
def test_change_contributor_no_type(self):
data = {
'data': {
'id': self.user_two._id,
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
def test_change_contributor_incorrect_type(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'Wrong type.',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 409)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -3)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -2)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_change_contributor_permissions(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.ADMIN)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE, permissions.ADMIN])
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.READ)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ])
@assert_logs(NodeLog.MADE_CONTRIBUTOR_INVISIBLE, 'project', -2)
@assert_logs(NodeLog.MADE_CONTRIBUTOR_VISIBLE, 'project')
def test_change_contributor_bibliographic(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['bibliographic'], False)
self.project.reload()
assert_false(self.project.get_visible(self.user_two))
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['bibliographic'], True)
self.project.reload()
assert_true(self.project.get_visible(self.user_two))
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -2)
@assert_logs(NodeLog.MADE_CONTRIBUTOR_INVISIBLE, 'project')
def test_change_contributor_permission_and_bibliographic(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.READ)
assert_equal(attributes['bibliographic'], False)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ])
assert_false(self.project.get_visible(self.user_two))
@assert_not_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_not_change_contributor(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': None,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
assert_equal(attributes['bibliographic'], True)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
def test_invalid_change_inputs_contributor(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': 'invalid',
'bibliographic': 'invalid'
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_change_admin_self_with_other_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
self.project.reload()
assert_equal(self.project.get_permissions(self.user), [permissions.READ, permissions.WRITE])
def test_change_admin_self_without_other_admin(self):
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_equal(self.project.get_permissions(self.user), [permissions.READ, permissions.WRITE, permissions.ADMIN])
def test_remove_all_bibliographic_statuses_contributors(self):
self.project.set_visible(self.user_two, False, save=True)
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_true(self.project.get_visible(self.user))
def test_change_contributor_non_admin_auth(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
def test_change_contributor_not_logged_in(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, expect_errors=True)
assert_equal(res.status_code, 401)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
class TestNodeContributorDelete(ApiTestCase):
def setUp(self):
super(TestNodeContributorDelete, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.user_three = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.user_two, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
self.url_user = '******'.format(API_BASE, self.project._id, self.user._id)
self.url_user_two = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_two._id)
self.url_user_three = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_three._id)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_contributor_admin(self):
res = self.app.delete(self.url_user_two, auth=self.user.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_contributor_non_admin_is_forbidden(self):
self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
res = self.app.delete(self.url_user_three, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_in(self.user_three, self.project.contributors)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_self_non_admin(self):
self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
res = self.app.delete(self.url_user_three, auth=self.user_three.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_remove_contributor_non_contributor(self):
res = self.app.delete(self.url_user_two, auth=self.user_three.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_in(self.user_two, self.project.contributors)
def test_remove_contributor_not_logged_in(self):
res = self.app.delete(self.url_user_two, expect_errors=True)
assert_equal(res.status_code, 401)
self.project.reload()
assert_in(self.user_two, self.project.contributors)
def test_remove_non_contributor_admin(self):
assert_not_in(self.user_three, self.project.contributors)
res = self.app.delete(self.url_user_three, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_remove_non_existing_user_admin(self):
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, 'fake')
res = self.app.delete(url_user_fake, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_remove_self_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
res = self.app.delete(self.url_user, auth=self.user.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user, self.project.contributors)
@assert_logs(NodeLog.CONTRIB_REMOVED, 'project')
def test_can_remove_self_as_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
res = self.app.delete(self.url_user_two, auth=self.user_two.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_contributor_unique_admin(self):
res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_in(self.user, self.project.contributors)
def test_can_not_remove_only_bibliographic_contributor(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
self.project.set_visible(self.user_two, False, save=True)
res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_in(self.user, self.project.contributors)
class TestNodeContributorUpdate(ApiTestCase):
def setUp(self):
super(TestNodeContributorUpdate, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.user_two, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
self.url_creator = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user._id)
self.url_contributor = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, self.user_two._id)
def test_node_update_invalid_data(self):
res = self.app.put_json_api(self.url_creator, "Incorrect data", auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
res = self.app.put_json_api(self.url_creator, ["Incorrect data"], auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
def test_change_contributor_no_id(self):
data = {
'data': {
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
def test_change_contributor_incorrect_id(self):
data = {
'data': {
'id': '12345',
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 409)
def test_change_contributor_no_type(self):
data = {
'data': {
'id': self.user_two._id,
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
def test_change_contributor_incorrect_type(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'Wrong type.',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 409)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -3)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -2)
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_change_contributor_permissions(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.ADMIN,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.ADMIN)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE, permissions.ADMIN])
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.READ)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ])
@assert_logs(NodeLog.MADE_CONTRIBUTOR_INVISIBLE, 'project', -2)
@assert_logs(NodeLog.MADE_CONTRIBUTOR_VISIBLE, 'project')
def test_change_contributor_bibliographic(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['bibliographic'], False)
self.project.reload()
assert_false(self.project.get_visible(self.user_two))
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['bibliographic'], True)
self.project.reload()
assert_true(self.project.get_visible(self.user_two))
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project', -2)
@assert_logs(NodeLog.MADE_CONTRIBUTOR_INVISIBLE, 'project')
def test_change_contributor_permission_and_bibliographic(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.READ)
assert_equal(attributes['bibliographic'], False)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ])
assert_false(self.project.get_visible(self.user_two))
@assert_not_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_not_change_contributor(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': None,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
assert_equal(attributes['bibliographic'], True)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
def test_invalid_change_inputs_contributor(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': 'invalid',
'bibliographic': 'invalid'
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
@assert_logs(NodeLog.PERMISSIONS_UPDATED, 'project')
def test_change_admin_self_with_other_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
assert_equal(attributes['permission'], permissions.WRITE)
self.project.reload()
assert_equal(self.project.get_permissions(self.user), [permissions.READ, permissions.WRITE])
def test_change_admin_self_without_other_admin(self):
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'permission': permissions.WRITE,
'bibliographic': True
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_equal(self.project.get_permissions(self.user), [permissions.READ, permissions.WRITE, permissions.ADMIN])
def test_remove_all_bibliographic_statuses_contributors(self):
self.project.set_visible(self.user_two, False, save=True)
data = {
'data': {
'id': self.user._id,
'type': 'contributors',
'attributes': {
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_creator, data, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_true(self.project.get_visible(self.user))
def test_change_contributor_non_admin_auth(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, auth=self.user_two.auth, expect_errors=True)
assert_equal(res.status_code, 403)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
def test_change_contributor_not_logged_in(self):
data = {
'data': {
'id': self.user_two._id,
'type': 'contributors',
'attributes': {
'permission': permissions.READ,
'bibliographic': False
}
}
}
res = self.app.put_json_api(self.url_contributor, data, expect_errors=True)
assert_equal(res.status_code, 401)
self.project.reload()
assert_equal(self.project.get_permissions(self.user_two), [permissions.READ, permissions.WRITE])
assert_true(self.project.get_visible(self.user_two))
class TestPublicNodes(SearchTestCase):
def setUp(self):
super(TestPublicNodes, self).setUp()
self.user = UserFactory(usename="Doug Bogie")
self.title = "Red Special"
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(title=self.title, creator=self.user, is_public=True)
self.component = NodeFactory(parent=self.project, title=self.title, creator=self.user, is_public=True)
self.registration = ProjectFactory(title=self.title, creator=self.user, is_public=True, is_registration=True)
def test_make_private(self):
"""Make project public, then private, and verify that it is not present
in search.
"""
self.project.set_privacy("private")
docs = query("category:project AND " + self.title)["results"]
assert_equal(len(docs), 0)
self.component.set_privacy("private")
docs = query("category:component AND " + self.title)["results"]
assert_equal(len(docs), 0)
self.registration.set_privacy("private")
docs = query("category:registration AND " + self.title)["results"]
assert_equal(len(docs), 0)
def test_public_parent_title(self):
self.project.set_title("hello & world", self.consolidate_auth)
self.project.save()
docs = query("category:component AND " + self.title)["results"]
assert_equal(len(docs), 1)
assert_equal(docs[0]["parent_title"], "hello & world")
assert_true(docs[0]["parent_url"])
def test_make_parent_private(self):
"""Make parent of component, public, then private, and verify that the
component still appears but doesn't link to the parent in search.
"""
self.project.set_privacy("private")
docs = query("category:component AND " + self.title)["results"]
assert_equal(len(docs), 1)
assert_equal(docs[0]["parent_title"], "-- private project --")
assert_false(docs[0]["parent_url"])
def test_delete_project(self):
"""
"""
self.component.remove_node(self.consolidate_auth)
docs = query("category:component AND " + self.title)["results"]
assert_equal(len(docs), 0)
self.project.remove_node(self.consolidate_auth)
docs = query("category:project AND " + self.title)["results"]
assert_equal(len(docs), 0)
def test_change_title(self):
"""
"""
title_original = self.project.title
self.project.set_title("Blue Ordinary", self.consolidate_auth, save=True)
docs = query("category:project AND " + title_original)["results"]
assert_equal(len(docs), 0)
docs = query("category:project AND " + self.project.title)["results"]
assert_equal(len(docs), 1)
def test_add_tags(self):
tags = ["stonecoldcrazy", "just a poor boy", "from-a-poor-family"]
for tag in tags:
docs = query('tags:"{}"'.format(tag))["results"]
assert_equal(len(docs), 0)
self.project.add_tag(tag, self.consolidate_auth, save=True)
for tag in tags:
docs = query('tags:"{}"'.format(tag))["results"]
assert_equal(len(docs), 1)
def test_remove_tag(self):
tags = ["stonecoldcrazy", "just a poor boy", "from-a-poor-family"]
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
self.project.remove_tag(tag, self.consolidate_auth, save=True)
docs = query('tags:"{}"'.format(tag))["results"]
assert_equal(len(docs), 0)
def test_update_wiki(self):
"""Add text to a wiki page, then verify that project is found when
searching for wiki text.
"""
wiki_content = {"home": "Hammer to fall", "swag": "#YOLO"}
for key, value in wiki_content.items():
docs = query(value)["results"]
assert_equal(len(docs), 0)
self.project.update_node_wiki(key, value, self.consolidate_auth)
docs = query(value)["results"]
assert_equal(len(docs), 1)
def test_clear_wiki(self):
"""Add wiki text to page, then delete, then verify that project is not
found when searching for wiki text.
"""
wiki_content = "Hammer to fall"
self.project.update_node_wiki("home", wiki_content, self.consolidate_auth)
self.project.update_node_wiki("home", "", self.consolidate_auth)
docs = query(wiki_content)["results"]
assert_equal(len(docs), 0)
def test_add_contributor(self):
"""Add a contributor, then verify that project is found when searching
for contributor.
"""
user2 = UserFactory(fullname="Adam Lambert")
docs = query('category:project AND "{}"'.format(user2.fullname))["results"]
assert_equal(len(docs), 0)
self.project.add_contributor(user2, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))["results"]
assert_equal(len(docs), 1)
def test_remove_contributor(self):
"""Add and remove a contributor, then verify that project is not found
when searching for contributor.
"""
user2 = UserFactory(fullname="Brian May")
self.project.add_contributor(user2, save=True)
self.project.remove_contributor(user2, self.consolidate_auth)
docs = query('category:project AND "{}"'.format(user2.fullname))["results"]
assert_equal(len(docs), 0)
def test_hide_contributor(self):
user2 = UserFactory(fullname="Brian May")
self.project.add_contributor(user2)
self.project.set_visible(user2, False, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))["results"]
assert_equal(len(docs), 0)
self.project.set_visible(user2, True, save=True)
docs = query('category:project AND "{}"'.format(user2.fullname))["results"]
assert_equal(len(docs), 1)
def test_wrong_order_search(self):
title_parts = self.title.split(" ")
title_parts.reverse()
title_search = " ".join(title_parts)
docs = query(title_search)["results"]
assert_equal(len(docs), 3)
def test_tag_aggregation(self):
tags = ["stonecoldcrazy", "just a poor boy", "from-a-poor-family"]
for tag in tags:
self.project.add_tag(tag, self.consolidate_auth, save=True)
docs = query(self.title)["tags"]
assert len(docs) == 3
for doc in docs:
assert doc["key"] in tags
