class ProcessTagCleanupsTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.superuser = self.user_factory.create(is_superuser=True) self.user = self.user_factory.create() self.tag_cleanups = TagCleanup.objects.bulk_create([ TagCleanup(old_name='foo', new_name='bar'), TagCleanup(old_name='foo', new_name='baz') ]) def test_process_tagcleanups_permission(self): self.client.login(username=self.user.username, password=self.user_factory.password) # Users without process_tagcleanup permission should not be able to use the route response = self.client.post(TagCleanup.process_url()) self.assertEqual(response.status_code, 403) self.assertEqual(TagCleanup.objects.filter(transaction_id__isnull=True).count(), 2) # Superusers can call the process route to process tag cleanups self.client.login(username=self.superuser.username, password=self.user_factory.password) response = self.client.post(TagCleanup.process_url(), data={'action': 'process'}) self.assertEqual(response.status_code, 302) self.assertEqual(TagCleanup.objects.filter(transaction_id__isnull=True).count(), 0) def test_no_delete_permission_on_inactive_tagcleanups(self): tag_cleanup = TagCleanup.objects.get(new_name='bar') ph = TagCleanupPermissionHelper(TagCleanup) self.assertIsNone(tag_cleanup.transaction_id) self.assertTrue(ph.user_can_delete_obj(self.superuser, tag_cleanup)) TagCleanup.objects.process() tag_cleanup = TagCleanup.objects.get(new_name='bar') self.assertIsNotNone(tag_cleanup.transaction_id) self.assertFalse(ph.user_can_delete_obj(self.superuser, tag_cleanup))
class CodebaseReleaseViewSetTestCase(BaseViewSetTestCase): _view = CodebaseReleaseViewSet def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create(username='******') self.other_user = self.user_factory.create(username='******') codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create() self.codebase_release = self.codebase.create_release(draft=False, initialize=False) self.path = self.codebase_release.get_list_url() def test_release_creation_only_if_codebase_change_permission(self): response = self.client.post(path=self.path, format='json', HTTP_ACCEPT='application/json') self.assertResponsePermissionDenied(response) self.login(self.other_user, self.user_factory.password) response_other_user = self.client.post(path=self.path, data=None, HTTP_ACCEPT='application/json', format='json') self.assertResponsePermissionDenied(response_other_user) self.login(self.submitter, self.user_factory.password) response_submitter = self.client.post(path=self.path, HTTP_ACCEPT='application/json', format='json') self.assertResponseCreated(response_submitter) def test_destroy_method_not_allowed(self): path = self.codebase_release.get_absolute_url() response = self.client.delete(path=path) self.assertResponseMethodNotAllowed(response) self.client.login(username=self.other_user.username, password=self.user_factory.password) response = self.client.delete(path=path, HTTP_ACCEPT='application/json') self.assertResponseMethodNotAllowed(response) self.client.login(username=self.submitter.username, password=self.user_factory.password) response = self.client.delete(path=path, HTTP_ACCEPT='application/json') self.assertResponseMethodNotAllowed(response)
def setUp(self): user_factory = UserFactory() self.submitter = user_factory.create() self.profile = self.submitter.member_profile self.profile.personal_url = 'https://geocities.com/{}'.format( self.submitter.username) self.profile.save()
def setUp(self): user_factory = UserFactory() self.submitter = user_factory.create() codebase_factory = CodebaseFactory(submitter=self.submitter) contributor_factory = ContributorFactory(user=self.submitter) contributor = contributor_factory.create(user=self.submitter) self.codebase = codebase_factory.create(submitter=self.submitter) self.codebase_release = self.codebase.create_release(initialize=False) release_contributor_factory = ReleaseContributorFactory( codebase_release=self.codebase_release) release_contributor_factory.create(contributor=contributor)
class WagtailAdminLoginTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.superuser = self.user_factory.create(is_superuser=True) self.staff = self.user_factory.create(is_staff=True) def assertLoginStatusCodeMatchForUser(self, user, status_code): success = self.client.login(username=user.username, password=self.user_factory.password) if success: response = self.client.get(reverse('wagtailadmin_home')) self.assertEqual(response.status_code, status_code) else: raise ValueError('login for user {} failed'.format(user)) def test_regular_login(self): regular_user = self.user_factory.create() self.assertLoginStatusCodeMatchForUser(regular_user, status.HTTP_403_FORBIDDEN) def test_superuser_login(self): superuser = self.user_factory.create(is_superuser=True) self.assertLoginStatusCodeMatchForUser(superuser, status.HTTP_200_OK) def test_staff_login(self): staff = self.user_factory.create(is_staff=True) self.assertLoginStatusCodeMatchForUser(staff, status.HTTP_403_FORBIDDEN) def test_access_admin_login(self): content_type = ContentType.objects.get(model='admin') permission = Permission.objects.get(content_type=content_type, codename='access_admin') access_admin_user = self.user_factory.create() access_admin_user.user_permissions.add(permission) self.assertLoginStatusCodeMatchForUser(access_admin_user, status.HTTP_200_OK)
class TagCleanupTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.user = self.user_factory.create() self.codebase_factory = CodebaseFactory(self.user) self.codebase = self.codebase_factory.create() self.event_factory = EventFactory(self.user) self.event = self.event_factory.create() self.job_factory = JobFactory(self.user) self.job = self.job_factory.create() tag = Tag(name='a random tag') tag.save() def add_tags(self, tags): self.codebase.tags.add(*tags) self.codebase.save() self.event.tags.add(*tags) self.event.save() self.job.tags.add(*tags) self.job.save() def check_tag_name_presence(self, model, names): self.assertEqual(model.tags.filter(name__in=names).count(), len(names)) def test_tag_many_to_many(self): old_tags = [Tag(name='abm'), Tag(name='agent based model (python)')] for t in old_tags: t.save() self.add_tags(old_tags) new_names = ['agent based model', 'python'] for old_tag in old_tags: for new_name in new_names: TagCleanup.objects.create(new_name=new_name, old_name=old_tag.name) TagCleanup.objects.process() self.check_tag_name_presence(Event, new_names) self.check_tag_name_presence(Job, new_names) self.check_tag_name_presence(Codebase, new_names) def test_tag_delete(self): tag = Tag.objects.get(name='a random tag') self.add_tags([tag]) new_names = [] # Empty string new_value is a sentinel value for deletion TagCleanup.objects.create(old_name='a random tag', new_name='') TagCleanup.objects.process() self.assertEqual(Tag.objects.count(), 0) self.check_tag_name_presence(Event, new_names) self.check_tag_name_presence(Job, new_names) self.check_tag_name_presence(Codebase, new_names)
class CodebaseReleaseDraftViewTestCase(ApiAccountMixin, ResponseStatusCodesMixin, TestCase): def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create(username='******') self.other_user = self.user_factory.create(username='******') codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create() self.codebase_release = self.codebase.create_release(draft=False, live=False, initialize=False) self.path = self.codebase.get_draft_url() def test_release_creation_only_if_codebase_change_permission(self): response = self.client.post(path=self.path) self.assertResponsePermissionDenied(response) self.login(self.other_user, self.user_factory.password) response_other_user = self.client.post(path=self.path) self.assertResponsePermissionDenied(response_other_user) self.login(self.submitter, self.user_factory.password) response_submitter = self.client.post(path=self.path) self.assertResponseFound(response_submitter)
class ArchiveExtractorTestCase(TestCase): nestedcode_folder_name = 'library/tests/archives/nestedcode' def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create() self.codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = self.codebase_factory.create() self.codebase_release = self.codebase.create_release() def test_zipfile_saving(self): fs_api = self.codebase_release.get_fs_api() msgs = import_archive(codebase_release=self.codebase_release, nestedcode_folder_name=self.nestedcode_folder_name, fs_api=fs_api) logs, level = msgs.serialize() self.assertEquals(level, MessageLevels.warning) self.assertEquals(len(logs), 2) self.assertEqual(set(fs_api.list(StagingDirectories.originals, FileCategoryDirectories.code)), {'nestedcode.zip'}) # Notice that .DS_Store and .svn folder file are eliminated self.assertEqual(set(fs_api.list(StagingDirectories.sip, FileCategoryDirectories.code)), {'src/ex.py', 'README.md'}) fs_api.get_or_create_sip_bag(self.codebase_release.bagit_info) fs_api.clear_category(FileCategoryDirectories.code) self.assertEqual(set(fs_api.list(StagingDirectories.originals, FileCategoryDirectories.code)), set()) self.assertEqual(set(fs_api.list(StagingDirectories.sip, FileCategoryDirectories.code)), set()) def test_invalid_zipfile_saving(self): archive_name = 'library/tests/archives/invalid.zip' fs_api = self.codebase_release.get_fs_api() with open(archive_name, 'rb') as f: msgs = fs_api.add(FileCategoryDirectories.code, content=f, name="invalid.zip") logs, level = msgs.serialize() self.assertEquals(level, MessageLevels.error) self.assertEquals(len(logs), 1) @classmethod def tearDownClass(cls): super().tearDownClass() if os.path.exists(cls.nestedcode_folder_name): os.remove("{}.zip".format(cls.nestedcode_folder_name))
class EventSerializerTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.user = self.user_factory.create() self.event_factory = EventFactory(submitter=self.user) def test_start_date_lth_end_date(self): event = self.event_factory.create_unsaved() dt = datetime.now() + timedelta(days=1) event.start_date = dt event.end_date = dt serialized_event = EventSerializer(event).data with self.assertRaises(ValidationError): deserialized_event = EventSerializer(data=serialized_event) deserialized_event.is_valid(raise_exception=True) event.end_date = event.start_date + timedelta(days=1) serialized_event = EventSerializer(event).data deserialized_event = EventSerializer(data=serialized_event) deserialized_event.is_valid(raise_exception=True)
class WagtailAdminLoginTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.superuser = self.user_factory.create(is_superuser=True) self.staff = self.user_factory.create(is_staff=True) def assertLoginStatusCodeMatchForUser(self, user, status_code): success = self.client.login(username=user.username, password=self.user_factory.password) if success: response = self.client.get(reverse('wagtailadmin_home')) self.assertEqual(response.status_code, status_code) return response else: raise ValueError('login for user {} failed'.format(user)) def test_regular_login(self): regular_user = self.user_factory.create() # default behavior for wagtail admin login failed is a 302 redirect to the login page response = self.assertLoginStatusCodeMatchForUser( regular_user, status.HTTP_302_FOUND) message = response.context['message'] self.assertEqual(message, 'You do not have permission to access the admin') def test_superuser_login(self): superuser = self.user_factory.create(is_superuser=True) self.assertLoginStatusCodeMatchForUser(superuser, status.HTTP_200_OK) def test_staff_login(self): staff = self.user_factory.create(is_staff=True) response = self.assertLoginStatusCodeMatchForUser( staff, status.HTTP_302_FOUND) message = response.context['message'] self.assertEqual(message, 'You do not have permission to access the admin') def test_access_admin_login(self): content_type = ContentType.objects.get(model='admin') permission = Permission.objects.get(content_type=content_type, codename='access_admin') access_admin_user = self.user_factory.create() access_admin_user.user_permissions.add(permission) self.assertLoginStatusCodeMatchForUser(access_admin_user, status.HTTP_200_OK)
class EventViewSetTestCase(BaseViewSetTestCase): _view = EventViewSet def setUp(self): self.user_factory = UserFactory() submitter = self.user_factory.create(username='******') self.instance_factory = EventFactory(submitter=submitter) self.create_representative_users(submitter) self.instance = self.instance_factory.create() def test_retrieve(self): self.check_retrieve() def test_destroy(self): self.check_destroy() def test_update(self): self.check_update() def test_create(self): self.check_create() def test_list(self): self.check_list()
def setUp(self): user_factory = UserFactory() self.submitter = user_factory.create(username='******') job_factory = JobFactory(submitter=self.submitter) self.job = job_factory.create()
def setUp(self): user_factory = UserFactory() self.submitter = user_factory.create() codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create()
class CodebaseReleasePublishTestCase(TestCase): client_class = APIClient def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create() codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create() # Want to test get_fs_api creates the file system even if file system is not initialized properly self.codebase_release = self.codebase.create_release(initialize=False) contributor_factory = ContributorFactory(user=self.submitter) self.contributor = contributor_factory.create() self.release_contributor_factory = ReleaseContributorFactory( codebase_release=self.codebase_release) def test_publish_codebaserelease(self): with self.assertRaises(ValidationError): self.codebase_release.publish() self.release_contributor_factory.create(self.contributor) with self.assertRaises(ValidationError): self.codebase_release.publish() self.client.login(username=self.submitter.username, password=self.user_factory.password) response = self.client.post(self.codebase_release.regenerate_share_url, HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, 200) code_file = io.BytesIO(bytes('Hello world!', 'utf8')) code_file.name = 'test.nlogo' docs_file = io.BytesIO(bytes('A new model', 'utf8')) docs_file.name = 'README.md' api = self.codebase_release.get_fs_api() api.add(content=code_file, category=FileCategoryDirectories.code) api.add(content=docs_file, category=FileCategoryDirectories.docs) with self.assertRaises( ValidationError, msg='Codebase has no metadata, should fail publish'): self.codebase_release.publish() # FIXME: add metadata to codebase release and verify that publish doesn't raise a ValidationError self.codebase_release.os = 'Windows' self.assertRaises(ValidationError, lambda: self.codebase_release.publish()) self.codebase_release.license = License.objects.create( name='0BSD', url='https://spdx.org/licenses/0BSD.html') self.assertRaises(ValidationError, lambda: self.codebase_release.publish()) self.codebase_release.programming_languages.add('Java') self.codebase_release.publish() download_response = self.client.get( self.codebase_release.get_review_download_url()) self.assertEqual( download_response.status_code, 404, msg= 'Published model should not allow access to a review download URL') response = self.client.post(self.codebase_release.regenerate_share_url, HTTP_ACCEPT='application/json') self.assertEqual( response.status_code, 400, msg= 'Published model should not permit regeneration of a unique share URL' )
class CodebaseViewSetTestCase(BaseViewSetTestCase): _view = CodebaseViewSet @property def serializer_class(self): view = self.view_class() view.action = self.action return view.get_serializer_class() def setUp(self): self.user_factory = UserFactory() submitter = self.user_factory.create() self.create_representative_users(submitter) self.instance_factory = CodebaseFactory(submitter=submitter) self.instance = self.instance_factory.create() self.instance.create_release(live=True, draft=False, initialize=False) def assertResponseNoPermission(self, instance, response): if instance.live: self.assertResponsePermissionDenied(response) else: self.assertResponseNotFound(response) def check_retrieve_permissions(self, user, instance): response = self.client.get(instance.get_absolute_url(), HTTP_ACCEPT='application/json', format='json') has_perm = user.has_perm(create_perm_str(self.model_class(), 'view'), obj=instance) if has_perm: self.assertResponseOk(response) else: self.assertResponseNoPermission(instance, response) def check_destroy_method_not_allowed(self, user, instance): response = self.client.delete(instance.get_absolute_url(), HTTP_ACCEPT='application/json', format='json') self.assertResponseMethodNotAllowed(response) def check_update_permissions(self, user, instance): serialized = self.serializer_class(instance) response = self.client.put(instance.get_absolute_url(), serialized.data, HTTP_ACCEPT='application/json', format='json') has_perm = user.has_perm(create_perm_str(instance, 'change'), obj=instance) if has_perm: self.assertResponseOk(response) elif instance.live: self.assertResponsePermissionDenied(response) else: self.assertResponseNotFound(response) def check_destroy(self): for user in self.users_able_to_login: codebase = self.instance_factory.create() self.instance.create_release(initialize=False) codebase = Codebase.objects.get(pk=codebase.id) self.with_logged_in(user, codebase, self.check_destroy_method_not_allowed) other_codebase = self.instance_factory.create() other_codebase.create_release(initialize=False) other_codebase = Codebase.objects.get(pk=other_codebase.id) assign_perm(create_perm_str(other_codebase, 'delete'), user_or_group=user, obj=other_codebase) self.with_logged_in(user, other_codebase, self.check_destroy_method_not_allowed) codebase = self.instance_factory.create() codebase.create_release(initialize=False) codebase = Codebase.objects.get(pk=codebase.id) response = self.client.delete(codebase.get_absolute_url()) self.assertResponseMethodNotAllowed(response) def check_update(self): for user in self.users_able_to_login: codebase = self.instance_factory.create() codebase.create_release(initialize=False) codebase = Codebase.objects.get(pk=codebase.id) self.with_logged_in(user, codebase, self.check_update_permissions) assign_perm(create_perm_str(self.instance, 'change'), user_or_group=user, obj=codebase) self.with_logged_in(user, codebase, self.check_update_permissions) codebase = self.instance_factory.create() codebase.create_release(initialize=False) codebase = Codebase.objects.get(pk=codebase.id) self.check_update_permissions(self.anonymous_user, codebase) def test_retrieve(self): self.action = 'retrieve' self.check_retrieve() def test_update(self): self.action = 'update' self.check_update() def test_destroy(self): self.action = 'destroy' self.check_destroy() def test_create(self): self.action = 'create' self.check_create() def test_list(self): self.action = 'list' self.check_list()
class CodebaseReleaseUnpublishedFilesTestCase(ApiAccountMixin, ResponseStatusCodesMixin, TestCase): """Test file handling for creating a release. Only user with change permission on a unpublished release should be able to list, destroy or create files. No user should be able to create or destroy files from a published release""" def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create(username='******') self.superuser = self.user_factory.create(username='******', is_superuser=True) self.other_user = self.user_factory.create(username='******') codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create() self.codebase_release = self.codebase.create_release(draft=False, initialize=False) def test_upload_file(self): api = self.codebase_release.get_fs_api() # Unpublished codebase release permissions response = self.client.post( api.get_originals_list_url(category=FileCategoryDirectories.code)) self.assertResponseNotFound(response) for user, expected_status_code in [ (self.submitter, status.HTTP_400_BAD_REQUEST), (self.superuser, status.HTTP_400_BAD_REQUEST), (self.other_user, status.HTTP_404_NOT_FOUND) ]: self.login(user, self.user_factory.password) response = self.client.post(api.get_originals_list_url( category=FileCategoryDirectories.code), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg='{} {}'.format(repr(user), response.data)) self.codebase_release.live = True self.codebase_release.draft = False self.codebase_release.save() # Published codebase release permissions self.client.logout() response = self.client.post( api.get_originals_list_url(category=FileCategoryDirectories.code)) self.assertResponsePermissionDenied(response) for user, expected_status_code in [ (self.submitter, status.HTTP_403_FORBIDDEN), (self.superuser, status.HTTP_403_FORBIDDEN), (self.other_user, status.HTTP_403_FORBIDDEN) ]: self.login(user, self.user_factory.password) response = self.client.post(api.get_originals_list_url( category=FileCategoryDirectories.code), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg='{} {}'.format(repr(user), response.data)) def test_list_files(self): api = self.codebase_release.get_fs_api() # Unpublished codebase release permissions response = self.client.get( api.get_originals_list_url(category=FileCategoryDirectories.code)) self.assertResponseNotFound(response) for user, expected_status_code in [ (self.submitter, status.HTTP_200_OK), (self.superuser, status.HTTP_200_OK), (self.other_user, status.HTTP_404_NOT_FOUND) ]: self.login(user, self.user_factory.password) response = self.client.get(api.get_originals_list_url( FileCategoryDirectories.code), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg='{} {}'.format(repr(user), response.data)) self.codebase_release.live = True self.codebase_release.draft = False self.codebase_release.save() self.client.logout() # Published codebase release permissions response = self.client.get( api.get_originals_list_url(FileCategoryDirectories.code)) self.assertResponsePermissionDenied(response) for user, expected_status_code in [ (self.submitter, status.HTTP_403_FORBIDDEN), (self.superuser, status.HTTP_403_FORBIDDEN), (self.other_user, status.HTTP_403_FORBIDDEN) ]: self.login(user, self.user_factory.password) response = self.client.get(api.get_originals_list_url( FileCategoryDirectories.code), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg='{} {}'.format(repr(user), response.data)) def test_delete_file(self): path_to_foo = pathlib.Path('foo.txt') api = self.codebase_release.get_fs_api() print(self.codebase_release) print('CodebaseRelease perm %s' % self.submitter.has_perm( 'library.delete_codebaserelease', self.codebase_release)) # Unpublished codebase release permissions response = self.client.delete( api.get_absolute_url(category=FileCategoryDirectories.code, relpath=path_to_foo)) self.assertResponseNotFound(response) for user, expected_status_code in [ (self.submitter, status.HTTP_400_BAD_REQUEST), (self.superuser, status.HTTP_400_BAD_REQUEST), (self.other_user, status.HTTP_404_NOT_FOUND) ]: self.login(user, self.user_factory.password) response = self.client.delete(api.get_absolute_url( category=FileCategoryDirectories.code, relpath=path_to_foo), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg=repr(user)) self.codebase_release.live = True self.codebase_release.draft = False self.codebase_release.save() self.client.logout() # Published codebase release permissions response = self.client.delete( api.get_absolute_url(category=FileCategoryDirectories.code, relpath=path_to_foo)) self.assertResponsePermissionDenied(response) for user, expected_status_code in [ (self.submitter, status.HTTP_403_FORBIDDEN), (self.superuser, status.HTTP_403_FORBIDDEN), (self.other_user, status.HTTP_403_FORBIDDEN) ]: self.login(user, self.user_factory.password) response = self.client.delete(api.get_absolute_url( FileCategoryDirectories.code, path_to_foo), HTTP_ACCEPT='application/json') self.assertEqual(response.status_code, expected_status_code, msg=repr(user))
def setUp(self): user_factory = UserFactory() self.submitter = user_factory.create(username='******') event_factory = EventFactory(submitter=self.submitter) self.event = event_factory.create()
class MemberProfileSerializerTestCase(TestCase): def setUp(self): self.user_factory = UserFactory() self.user = self.user_factory.create() self.user.first_name = 'Foo' self.user.last_name = 'Bar' ComsesGroups.initialize() def test_email_address_update(self): other_user = self.user_factory.create() other_email = other_user.email member_profile = self.user.member_profile institution = Institution(url='https://foo.org', name='Foo Institute') institution.save() member_profile.institution = institution member_profile.save() email_address = EmailAddress.objects.create(user=self.user, email=self.user.email) email_address.set_as_primary() data = MemberProfileSerializer(member_profile).data # no change to email address serializer = MemberProfileSerializer(instance=member_profile, data=data) serializer.is_valid(raise_exception=True) serializer.save() self.assertEqual(EmailAddress.objects.count(), 1) # acceptable address data['email'] = '*****@*****.**' serializer = MemberProfileSerializer(instance=member_profile, data=data) serializer.is_valid(raise_exception=True) serializer.save() self.assertTrue( EmailAddress.objects.filter(email=data['email']).exists()) # conflicting address data['email'] = other_email serializer = MemberProfileSerializer(instance=member_profile, data=data) serializer.is_valid(raise_exception=True) with self.assertRaises(ValidationError): serializer.save() def test_cannot_downgrade_membership(self): membership_profile = self.user.member_profile self.assertFalse(membership_profile.full_member) institution = Institution(url='https://foo.org', name='Foo Institute') institution.save() membership_profile.institution = institution membership_profile.save() membership_profile_data = MemberProfileSerializer( membership_profile).data # Make user a full down member membership_profile_data['full_member'] = True serializer = MemberProfileSerializer(instance=membership_profile, data=membership_profile_data) serializer.is_valid(raise_exception=True) serializer.save() membership_profile = MemberProfile.objects.get( id=membership_profile.id) self.assertTrue(membership_profile.full_member) # Unsuccessfully attempt to downgrade membership status membership_profile_data['full_member'] = False serializer = MemberProfileSerializer(instance=membership_profile, data=membership_profile_data) serializer.is_valid(raise_exception=True) serializer.save() membership_profile = MemberProfile.objects.get( id=membership_profile.id) self.assertTrue(membership_profile.full_member)
class CodebaseReleaseTest(BaseModelTestCase): def get_perm_str(self, perm_prefix): return '{}.{}_{}'.format(CodebaseRelease._meta.app_label, perm_prefix, CodebaseRelease._meta.model_name) def setUp(self): self.user_factory = UserFactory() self.submitter = self.user_factory.create() codebase_factory = CodebaseFactory(submitter=self.submitter) self.codebase = codebase_factory.create() self.codebase_release = self.codebase.create_release(initialize=False) def test_anonymous_user_perms(self): anonymous_user = AnonymousUser() self.assertFalse(anonymous_user.has_perm(self.get_perm_str('add'))) self.assertFalse( anonymous_user.has_perm(self.get_perm_str('change'), obj=self.codebase_release)) self.assertFalse( anonymous_user.has_perm(self.get_perm_str('delete'), obj=self.codebase_release)) self.assertFalse( anonymous_user.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) self.codebase_release.live = True self.codebase_release.save() self.assertTrue( anonymous_user.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) def test_submitter_perms(self): submitter = self.submitter self.assertTrue( submitter.has_perm(self.get_perm_str('change'), obj=self.codebase_release)) self.assertTrue( submitter.has_perm(self.get_perm_str('delete'), obj=self.codebase_release)) self.assertTrue( submitter.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) def test_superuser_perms(self): superuser = self.user_factory.create(is_superuser=True) self.assertTrue(superuser.has_perm(self.get_perm_str('add'))) self.assertTrue( superuser.has_perm(self.get_perm_str('change'), obj=self.codebase_release)) self.assertTrue( superuser.has_perm(self.get_perm_str('delete'), obj=self.codebase_release)) self.assertTrue( superuser.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) def test_regular_user_perms(self): regular_user = self.user_factory.create() self.assertTrue(regular_user.has_perm(self.get_perm_str('add'))) self.assertFalse( regular_user.has_perm(self.get_perm_str('change'), obj=self.codebase_release)) self.assertFalse( regular_user.has_perm(self.get_perm_str('delete'), obj=self.codebase_release)) self.assertFalse( regular_user.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) self.codebase_release.live = True self.codebase_release.save() self.assertTrue( regular_user.has_perm(self.get_perm_str('view'), obj=self.codebase_release)) def test_version_number_mutation(self): other_codebase_release = self.codebase.create_release(initialize=False) version_numbers = other_codebase_release.get_allowed_version_numbers() self.assertEqual( version_numbers, set([ semver.parse_version_info(vn) for vn in {'1.0.1', '1.1.0', '2.0.0'} ])) with self.assertRaises(ValidationError): other_codebase_release.set_version_number('1.0.0') with self.assertRaises(ValidationError): other_codebase_release.set_version_number('foo-1.0.0') other_codebase_release.set_version_number('54.2.0') self.assertEqual(other_codebase_release.version_number, '54.2.0') other_codebase_release.set_version_number('1.0.1') self.assertEqual(other_codebase_release.version_number, '1.0.1') def test_create_codebase_release_share_uuid(self): """Ensure we can create a second codebase release an it hasa different share uuid""" self.codebase_release.share_uuid = uuid.uuid4() self.codebase_release.save() cr = self.codebase.create_release(initialize=False) self.assertNotEqual(self.codebase_release.share_uuid, cr.share_uuid) def test_metadata_completeness(self): # make sure release contributors are empty since we currently automatically add the submitter as an author self.codebase_release.contributors.all().delete() self.assertFalse(self.codebase_release.contributors.exists()) self.assertRaises(ValidationError, lambda: self.codebase_release.validate_publishable()) self.codebase_release.os = 'Windows' self.assertRaises(ValidationError, lambda: self.codebase_release.validate_publishable()) license = License.objects.create( name='0BSD', url='https://spdx.org/licenses/0BSD.html') self.codebase_release.license = license self.assertRaises(ValidationError, lambda: self.codebase_release.validate_publishable()) self.codebase_release.programming_languages.add('Java') self.assertRaises(ValidationError, lambda: self.codebase_release.validate_publishable()) release_contributor_factory = ReleaseContributorFactory( self.codebase_release) contributor_factory = ContributorFactory(user=self.submitter) contributor = contributor_factory.create() release_contributor_factory.create(contributor) self.assertRaises(ValidationError, lambda: self.codebase_release.validate_publishable()) self.assertTrue(self.codebase_release.validate_metadata())