def test_when_user_is_an_admin_of_one_organization(self):
"""
When the user is an admin of one organization
organization_list_for_user() should return a list of just that one
organization.
"""
user = factories.User()
context = {'user': user['name']}
organization = factories.Organization()
# Create a second organization just so we can test that it does not get
# returned.
factories.Organization()
helpers.call_action('member_create', id=organization['id'],
object=user['id'], object_type='user',
capacity='admin')
organizations = helpers.call_action('organization_list_for_user',
context=context)
assert len(organizations) == 1
assert organizations[0]['id'] == organization['id']
def test_invalid_permission(self):
'''
organization_list_for_user() should return an empty list if passed a
non-existent or invalid permission.
Note that we test this with a user who is an editor of one organization.
If the user was an admin of the organization then it would return that
organization - admins have all permissions, including permissions that
don't exist.
'''
user = factories.User()
context = {'user': user['name']}
organization = factories.Organization()
factories.Organization()
helpers.call_action('member_create', id=organization['id'],
object=user['id'], object_type='user',
capacity='editor')
for permission in ('', ' ', 'foo', 27.3, 5, True, False, None):
organizations = helpers.call_action('organization_list_for_user',
permission=permission,
context=context)
assert organizations == []
def test_when_user_is_an_admin_of_three_organizations(self):
"""
When the user is an admin of three organizations
organization_list_for_user() should return a list of all three
organizations.
"""
user = factories.User()
context = {'user': user['name']}
organization_1 = factories.Organization()
organization_2 = factories.Organization()
organization_3 = factories.Organization()
# Create a second organization just so we can test that it does not get
# returned.
factories.Organization()
# Make the user an admin of all three organizations:
for organization in (organization_1, organization_2, organization_3):
helpers.call_action('member_create', id=organization['id'],
object=user['id'], object_type='user',
capacity='admin')
organizations = helpers.call_action('organization_list_for_user',
context=context)
assert len(organizations) == 3
ids = [organization['id'] for organization in organizations]
for organization in (organization_1, organization_2, organization_3):
assert organization['id'] in ids
def test_organization_list(self):
org1 = factories.Organization()
org2 = factories.Organization()
org_list = helpers.call_action('organization_list')
assert (sorted(org_list) == sorted([g['name'] for g in [org1, org2]]))
def test_different_org_user_cant_create(self):
user = factories.User()
org_users = [{'name': user['name'], 'capacity': 'editor'}]
org1 = factories.Organization(users=org_users)
org2 = factories.Organization()
dataset = {'name': 'different-org-user-cant-create',
'owner_org': org2['id']}
context = {'user': user['name'], 'model': core_model}
response = auth_create.package_create(context, dataset)
assert_equals(response['success'], False)
def test_mix_of_broken_and_working_links(self):
user = factories.User()
config.authorized_users = [user["name"]]
org_1 = factories.Organization()
dataset_1 = custom_factories.Dataset(owner_org=org_1["id"])
dataset_2 = custom_factories.Dataset(owner_org=org_1["id"])
resource_1 = custom_factories.Resource(package_id=dataset_1["id"])
resource_2 = custom_factories.Resource(package_id=dataset_2["id"])
org_2 = factories.Organization()
dataset_3 = custom_factories.Dataset(owner_org=org_2["id"])
resource_3 = custom_factories.Resource(package_id=dataset_3["id"])
resource_4 = custom_factories.Resource(package_id=dataset_3["id"])
org_3 = factories.Organization()
dataset_4 = custom_factories.Dataset(owner_org=org_3["id"])
resource_5 = custom_factories.Resource(package_id=dataset_4["id"])
dataset_5 = custom_factories.Dataset(owner_org=org_3["id"])
resource_6 = custom_factories.Resource(package_id=dataset_5["id"])
resource_7 = custom_factories.Resource(package_id=dataset_5["id"])
resource_8 = custom_factories.Resource(package_id=dataset_5["id"])
custom_helpers.make_broken((resource_1, resource_3, resource_4,
resource_5, resource_6, resource_7),
user)
custom_helpers.make_working((resource_2, resource_8), user)
report = helpers.call_action(
"ckanext_deadoralive_broken_links_by_organization")
assert len(report) == 3, ("There should be 3 organizations listed in "
"the report")
assert [org["name"] for org in report] == [
org_3["name"], org_2["name"], org_1["name"]], (
"The organizations should be sorted most broken datasets first")
# Check that the num_broken_links for each org is correct.
assert report[0]["num_broken_links"] == 3
assert report[1]["num_broken_links"] == 2
assert report[2]["num_broken_links"] == 1
# Check org_3's report in detail.
org_3_report = report[0]
assert len(org_3_report["datasets_with_broken_links"]) == 2
org_3_broken_datasets = org_3_report["datasets_with_broken_links"]
assert [dataset["name"] for dataset in org_3_broken_datasets] == [
dataset_5["name"], dataset_4["name"]]
dataset_5_report = org_3_broken_datasets[0]
assert dataset_5_report["num_broken_links"] == 2
assert len(dataset_5_report["resources_with_broken_links"]) == 2
assert [resource_id for resource_id
in dataset_5_report["resources_with_broken_links"]] == [
resource_6["id"], resource_7["id"]]
def test_organization_list_in_presence_of_custom_group_types(self):
'''
Getting the organization_list only returns organization group
types.
'''
org1 = factories.Organization()
org2 = factories.Organization()
factories.Group(type="custom")
factories.Group(type="custom")
org_list = helpers.call_action('organization_list')
assert (sorted(org_list) == sorted([g['name'] for g in [org1, org2]]))
def test_group_list_in_presence_of_organizations(self):
'''
Getting the group_list should only return groups of type 'group' (not
organizations).
'''
group1 = factories.Group()
group2 = factories.Group()
factories.Organization()
factories.Organization()
group_list = helpers.call_action('group_list')
assert (sorted(group_list) ==
sorted([g['name'] for g in [group1, group2]]))
def test_editors_and_admins_with_2_editors_and_2_admins(self):
admin_1 = factories.User()
org_1 = factories.Organization(user=admin_1)
admin_2 = factories.User()
helpers.call_action('organization_member_create',
context={'user': admin_1['name']},
id=org_1['id'], username=admin_2['name'], role='admin')
org_2 = factories.Organization(user=admin_1)
editor = factories.User()
helpers.call_action('organization_member_create',
context={'user': admin_1['name']},
id=org_2['id'], username=editor['name'], role='editor')
assert _equal_unordered(plugin.editors_and_admins(),
[admin_1['id'], admin_2['id'], editor['id']])
def setup(self):
super(TestEnabledForOrganizations, self).setup()
self.dataset = factories.Dataset()
self.org = factories.Organization(name='org')
self.enabled_org = factories.Organization(name='enabled-org')
self.dataset_enabled = factories.Dataset(
name='dataset-enabled', owner_org=self.enabled_org['id'])
self.dataset_misleading_extra = \
factories.Dataset(
extras=[{
'key': 'issues_enabled',
'value': True
}],
)
self.app = self._get_test_app()
def test_add_first_resource(self):
owner = factories.User()
org = factories.Organization(category='local-council', user=owner)
dataset = factories.Dataset(user=owner,
owner_org=org['id'],
name='test-dataset',
license_id='uk-ogl', notes='desc')
context = {'user': owner['id']}
helpers.call_action('resource_create', context=context,
package_id=dataset['id'],
url='http://example.com/file.csv',
description='desc',
format='csv',
resource_type='file',
date='31/3/2012')
updated_dataset = helpers.call_action('dataset_show', id=dataset['id'])
assert_equal(len(updated_dataset['resources']), 1)
assert_equal(updated_dataset['resources'][0]['url'],
'http://example.com/file.csv')
assert_equal(updated_dataset['resources'][0]['description'], 'desc')
assert_equal(updated_dataset['resources'][0]['format'], 'csv')
assert_equal(updated_dataset['resources'][0]['resource_type'], 'file')
assert_equal(updated_dataset['resources'][0]['date'], '31/3/2012')
def test_organogram_dataset(self):
user = factories.User(sysadmin=True)
#user['capacity'] = 'editor'
org = factories.Organization(name='department-for-education',
category='ministerial-department',
users=[user])
schema = dgu_factories.SchemaObj(title='organogram schema')
pkg = {
"name":"organogram-department-of-education",
"title": "Organogram of Staff Roles & Salaries",
"owner_org": "department-for-education",
"license_id": "uk-ogl",
"notes": "Organogram (organisation chart) showing all staff roles",
"tags": [{"name": "organograms"}],
"schema": ["organogram schema"],
"extras": [
{"key": "geographic_coverage","value": "111100: United Kingdom"
" (England, Scotland, Wales, Northern Ireland)"},
{"key": "mandate", "value": "https://www.gov.uk/government/"
"news/letter-to-government-departments-on-opening-up-data"},
{"key": "update_frequency", "value": "biannually"},
{"key": "temporal_coverage-from", "value": "2010"},
{"key": "theme-primary", "value": "Government Spending"},
{"key": "import_source", "value": "organograms_v2"}
]
}
factories.Dataset(**pkg)
context = {'model': model, 'session': model.Session,
'user': user['name']}
pkg = get_action('package_show')(context, {'id': pkg['name']})
print 'UPDATE'
new_pkg = get_action('package_update')(context, pkg)
assert_equal(new_pkg['schema'], pkg['schema'])
def test_that_it_does_not_return_deleted_organizations(self):
"""
organization_list_for_user() should not return deleted organizations
that the user was an admin of.
"""
user = factories.User()
context = {'user': user['name']}
organization = factories.Organization()
# Make the user an admin of the organization.
helpers.call_action('member_create',
id=organization['id'],
object=user['id'],
object_type='user',
capacity='admin')
# Delete the organization.
helpers.call_action('organization_delete', id=organization['id'])
organizations = helpers.call_action('organization_list_for_user',
context=context)
assert organizations == []
def test_member_create(self):
'''Test that the member_create API is also blocked.
Most of the tests above use organization_member_create.
'''
organization_admin = factories.User()
organization = factories.Organization(user=organization_admin)
editor_1 = factories.User()
helpers.call_action('member_create',
context={'user': organization_admin['name']},
id=organization['id'], object=editor_1['id'],
object_type='user', capacity='editor')
editor_2 = factories.User()
helpers.call_action('member_create',
context={'user': organization_admin['name']},
id=organization['id'], object=editor_2['id'],
object_type='user', capacity='editor')
# We should not be able to create another editor.
editor_3 = factories.User()
url = toolkit.url_for(controller='api', logic_function='member_create',
action='action', ver=3)
data_dict = {'id': organization['id'], 'object': editor_3['id'],
'object_type': 'user', 'capacity': 'editor'}
response = self.app.post_json(url, data_dict,
extra_environ={'REMOTE_USER': str(organization_admin['name'])},
status=403)
# Test that we were denied for the right reason.
# (This catches mistakes in the tests, for example if the test didn't
# pass REMOTE_USER we would get a 403 but for a different reason.)
assert response.json['error']['message'] == ("Access denied: You're "
"only allowed to have 3 "
"editors")
def test_fetch_org_editors(self):
owner = factories.User(name='test_owner')
editor = factories.User(name='test_editor')
admin = factories.User(name='test_admin')
member = factories.User(name='test_member')
factories.User(name='test_user')
organization = factories.Organization(user=owner,
users=[
{
'name': editor['id'],
'capacity': 'editor'
},
{
'name': admin['id'],
'capacity': 'admin'
},
{
'name': member['id']
},
])
result = helpers.call_action('organization_users_autocomplete',
q='test',
organization_id=organization['id'])
assert_equals(set(['test_owner', 'test_editor', 'test_admin']),
set([i['name'] for i in result]))
def test_add_multiple_resources(self):
owner = factories.User()
org = factories.Organization(category='local-council', user=owner)
dataset = factories.Dataset(user=owner,
owner_org=org['id'],
name='test-dataset',
license_id='uk-ogl', notes='desc')
context = {'user': owner['id']}
for i in range(10):
helpers.call_action('resource_create', context=context,
package_id=dataset['id'],
url='http://example.com/%s.csv' % i,
description='desc %s' % i,
date='31/%s/2012' % (i + 1),
format='csv',
resource_type='file')
updated_dataset = helpers.call_action('dataset_show', id=dataset['id'])
assert_equal(len(updated_dataset['resources']), 10)
assert_equal(updated_dataset['resources'][0]['url'],
'http://example.com/0.csv')
assert_equal(updated_dataset['resources'][0]['description'], 'desc 0')
assert_equal(updated_dataset['resources'][0]['position'], 0)
assert_equal(updated_dataset['resources'][0]['date'], '31/1/2012')
assert_equal(updated_dataset['resources'][1]['url'],
'http://example.com/1.csv')
assert_equal(updated_dataset['resources'][1]['description'], 'desc 1')
assert_equal(updated_dataset['resources'][1]['position'], 1)
assert_equal(updated_dataset['resources'][1]['date'], '31/2/2012')
def test_not_authorized_if_user_has_no_permissions_on_dataset(self):
org = factories.Organization()
user = factories.User()
member = {'username': user['name'], 'role': 'admin', 'id': org['id']}
helpers.call_action('organization_member_create', **member)
user_2 = factories.User()
dataset = factories.Dataset(owner_org=org['id'])
resource = factories.Resource(package_id=dataset['id'])
resource_view = {
'resource_id': resource['id'],
'title': u'Resource View',
'view_type': u'image_view',
'image_url': 'url'
}
context = {'user': user_2['name'], 'model': core_model}
nose.tools.assert_raises(logic.NotAuthorized,
helpers.call_auth,
'resource_view_create',
context=context,
**resource_view)
def test_not_authorized_if_user_has_no_permissions_on_dataset(self):
org = factories.Organization()
user = factories.User()
member = {'username': user['name'], 'role': 'admin', 'id': org['id']}
helpers.call_action('organization_member_create', **member)
user_2 = factories.User()
dataset = factories.Dataset(user=user, owner_org=org['id'])
resource = {
'package_id': dataset['id'],
'title': 'Resource',
'url': 'http://test',
'format': 'csv'
}
context = {'user': user_2['name'], 'model': core_model}
nose.tools.assert_raises(logic.NotAuthorized,
helpers.call_auth,
'resource_create',
context=context,
**resource)
def setup(self):
super(TestShow, self).setup()
self.owner = factories.User()
self.org = factories.Organization(user=self.owner)
self.dataset = factories.Dataset(user=self.owner,
owner_org=self.org['name'])
self.app = self._get_test_app()
def test_group_show_error_for_organization(self):
org = factories.Organization()
nose.tools.assert_raises(
logic.NotFound,
helpers.call_action, 'group_show', id=org['id'])
def test_publisher_is_official(self):
user = factories.User()
org_users = [{'name': user['name'], 'capacity': 'editor'}]
factories.Organization(users=org_users,
category='ministerial-department')
name, obj, drupal_id, type_, this_is_me = user_properties(user['name'])
assert_equal(type_, 'official')
def test_organization_show_private_packages_not_returned(self):
user_name = helpers.call_action('get_site_user')['name']
org = factories.Organization()
datasets = [
{
'name': 'dataset_1',
'owner_org': org['name']
},
{
'name': 'dataset_2',
'owner_org': org['name'],
'private': True
},
]
for dataset in datasets:
helpers.call_action('package_create',
context={'user': user_name},
**dataset)
org_dict = helpers.call_action('organization_show', id=org['id'])
assert len(org_dict['packages']) == 1
assert org_dict['packages'][0]['name'] == 'dataset_1'
assert org_dict['package_count'] == 1
def test_group_show_does_not_show_private_datasets(self):
'''group_show() should never show private datasets.
If a dataset is a private member of an organization and also happens to
be a member of a group, group_show() should not return the dataset as
part of the group dict, even if the user calling group_show() is a
member or admin of the group or the organization or is a sysadmin.
'''
org_member = factories.User()
org = factories.Organization(user=org_member)
private_dataset = factories.Dataset(user=org_member,
owner_org=org['name'],
private=True)
group = factories.Group()
# Add the private dataset to the group.
helpers.call_action('member_create',
id=group['id'],
object=private_dataset['id'],
object_type='package',
capacity='public')
# Create a member user and an admin user of the group.
group_member = factories.User()
helpers.call_action('member_create',
id=group['id'],
object=group_member['id'],
object_type='user',
capacity='member')
group_admin = factories.User()
helpers.call_action('member_create',
id=group['id'],
object=group_admin['id'],
object_type='user',
capacity='admin')
# Create a user who isn't a member of any group or organization.
non_member = factories.User()
sysadmin = factories.Sysadmin()
# None of the users should see the dataset when they call group_show().
for user in (org_member, group_member, group_admin, non_member,
sysadmin, None):
if user is None:
context = None # No user logged-in.
else:
context = {'user': user['name']}
group = helpers.call_action('group_show',
id=group['id'],
context=context)
assert private_dataset['id'] not in [
dataset['id'] for dataset in group['packages']
], ("group_show() should never show private datasets")
def test_same_org_user_can_create(self):
user = factories.User()
org_users = [{'name': user['name'], 'capacity': 'editor'}]
org = factories.Organization(users=org_users)
dataset = {'name': 'same-org-user-can-create', 'owner_org': org['id']}
context = {'user': user['name'], 'model': core_model}
response = auth_create.package_create(context, dataset)
assert_equals(response['success'], True)
def setup(self):
HarvestFixtureBase.setup(self)
# Add publisher
if not hasattr(self, 'publisher'):
self.publisher = factories.Organization(
title='Test Organization',
abbreviation='TO',
category='sub-organisation')
def test_bulk_process(self):
app = self._get_test_app()
user = factories.User()
group = factories.Organization(user=user, type=custom_group_type)
group_name = group['name']
env = {'REMOTE_USER': user['name'].encode('ascii')}
url = url_for('%s_bulk_process' % custom_group_type, id=group_name)
response = app.get(url=url, extra_environ=env)
def setup(self):
super(TestIssueEdit, self).setup()
self.owner = factories.User()
self.org = factories.Organization(user=self.owner)
self.dataset = factories.Dataset(user=self.owner,
owner_org=self.org['name'])
self.issue = issue_factories.Issue(user=self.owner,
dataset_id=self.dataset['id'])
self.app = self._get_test_app()
def test_organization_member_create_with_max_editors_5(self):
'''Test that setting max_editors to 5 in the config file works.
If we edit the config, we should be allowed to create one admin and
4 editors, but no more.
'''
config['ckan.express.max_editors'] = '5'
organization_admin = factories.User()
organization = factories.Organization(user=organization_admin)
editor_1 = factories.User()
editor_2 = factories.User()
editor_3 = factories.User()
editor_4 = factories.User()
# This should not fail - we should be allowed to have one admin and
# three editors.
for editor in (editor_1, editor_2, editor_3):
helpers.call_action(
'organization_member_create',
context={'user': organization_admin['name']},
id=organization['id'], username=editor['name'], role='editor')
# At this point we have 4 "editors" (one admin and three editors)
# and max_editors is 5, so we should be allowed to add one more editor.
url = toolkit.url_for(controller='api',
logic_function='organization_member_create',
action='action', ver=3)
data_dict = {'id': organization['id'], 'username': editor_4['name'],
'role': 'editor'}
response = self.app.post_json(
url, data_dict,
extra_environ={'REMOTE_USER': str(organization_admin['name'])})
members = helpers.call_action('member_list', id=organization['id'])
assert (organization_admin['id'], 'user', 'Admin') in members
for editor in (editor_1, editor_2, editor_3, editor_4):
assert (editor['id'], 'user', 'Editor') in members
# At this point we should not be allowed to create any more editors
# though.
editor_5 = factories.User()
url = toolkit.url_for(controller='api',
logic_function='organization_member_create',
action='action', ver=3)
data_dict = {'id': organization['id'], 'username': editor_5['name'],
'role': 'editor'}
response = self.app.post_json(url, data_dict,
extra_environ={'REMOTE_USER': str(organization_admin['name'])},
status=403)
# Test that we were denied for the right reason.
# (This catches mistakes in the tests, for example if the test didn't
# pass REMOTE_USER we would get a 403 but for a different reason.)
assert response.json['error']['message'] == ("Access denied: You're "
"only allowed to have 5 "
"editors")
def test_organization_show(self):
org = factories.Organization()
org_dict = helpers.call_action('organization_show', id=org['id'])
# FIXME: Should this be returned by organization_create?
org_dict.pop('num_followers', None)
assert org_dict == org
def test_group_show__deleted_org_is_visible_to_its_member(self):
fred = factories.User(name='fred')
fred['capacity'] = 'editor'
org = factories.Organization(users=[fred])
context = {'model': model}
context['user'] = '******'
ret = helpers.call_auth('group_show', context=context, id=org['name'])
assert ret
