Esempio n. 1
0
def test_update_annotation_raises_if_non_admin_changes_perms():
    with pytest.raises(RuntimeError):
        logic.update_annotation(_mock_annotation(permissions={}),
                                fields={'permissions': {
                                    'read': ['someone']
                                }},
                                userid='alice')
Esempio n. 2
0
File: views.py Progetto: linhua55/h 
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context.model

    # Read the new fields for the annotation
    try:
        fields = request.json_body
    except ValueError:
        return _api_error(request,
                          'No JSON payload sent. Annotation not created.',
                          status_code=400)  # Client Error: Bad Request

    try:
        appstruct = schemas.AnnotationSchema().validate(fields)
    except schemas.ValidationError as err:
        return _api_error(request, err.message, status_code=400)

    # Update and store the annotation
    try:
        logic.update_annotation(annotation,
                                appstruct,
                                userid=request.authenticated_userid)
    except RuntimeError as err:
        return _api_error(request, err.args[0], status_code=err.args[1])

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 3
0
File: views.py Progetto: ningyifan/h 
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context

    # Read the new fields for the annotation
    try:
        fields = request.json_body
    except ValueError:
        return _api_error(request,
                          'No JSON payload sent. Annotation not created.',
                          status_code=400)  # Client Error: Bad Request

    # Check user's permissions
    has_admin_permission = request.has_permission('admin', annotation)

    # Update and store the annotation
    try:
        logic.update_annotation(annotation, fields, has_admin_permission)
    except RuntimeError as err:
        return _api_error(
            request,
            err.args[0],
            status_code=err.args[1])

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 4
0
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context.model

    # Read the new fields for the annotation
    try:
        fields = request.json_body
    except ValueError:
        return _api_error(request,
                          'No JSON payload sent. Annotation not created.',
                          status_code=400)  # Client Error: Bad Request

    try:
        validators.Annotation().validate(fields)
    except validators.Error as err:
        return _api_error(request, err.message, status_code=400)

    # Update and store the annotation
    try:
        logic.update_annotation(annotation,
                                fields,
                                userid=request.authenticated_userid)
    except RuntimeError as err:
        return _api_error(
            request,
            err.args[0],
            status_code=err.args[1])

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 5
0
def test_update_annotation_calls_update():
    annotation = _mock_annotation()
    fields = {'foo': 'bar'}

    logic.update_annotation(annotation, fields, False)

    annotation.update.assert_called_once_with(fields)
Esempio n. 6
0
File: views.py Progetto: ningyifan/h 
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context

    # Read the new fields for the annotation
    try:
        fields = request.json_body
    except ValueError:
        return _api_error(request,
                          'No JSON payload sent. Annotation not created.',
                          status_code=400)  # Client Error: Bad Request

    # Check user's permissions
    has_admin_permission = request.has_permission('admin', annotation)

    # Update and store the annotation
    try:
        logic.update_annotation(annotation, fields, has_admin_permission)
    except RuntimeError as err:
        return _api_error(request, err.args[0], status_code=err.args[1])

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 7
0
def test_update_annotation_calls_update():
    annotation = _mock_annotation()
    fields = {'foo': 'bar'}

    logic.update_annotation(annotation, fields)

    annotation.update.assert_called_once_with(fields)
Esempio n. 8
0
def test_update_annotation_admins_can_change_permissions():
    annotation = _mock_annotation(permissions={'admin': ['alice']},
                                  user='******')

    logic.update_annotation(annotation,
                            fields={'permissions': 'changed'},
                            userid='alice')

    assert annotation['permissions'] == 'changed'
Esempio n. 9
0
def test_update_annotation_admins_can_change_permissions():
    annotation = _mock_annotation(permissions='foo')

    logic.update_annotation(
        annotation,
        fields={'permissions': 'changed'},
        has_admin_permission=True)

    assert annotation['permissions'] == 'changed'
Esempio n. 10
0
def test_update_annotation_non_admins_can_make_non_permissions_changes():
    annotation = _mock_annotation(foo='bar')

    logic.update_annotation(
        annotation,
        fields={'foo': 'changed'},
        has_admin_permission=False)

    assert annotation['foo'] == 'changed'
Esempio n. 11
0
def test_update_annotation_admins_can_change_permissions():
    annotation = _mock_annotation(permissions='foo')

    logic.update_annotation(
        annotation,
        fields={'permissions': 'changed'},
        has_admin_permission=True)

    assert annotation['permissions'] == 'changed'
Esempio n. 12
0
def test_update_annotation_non_admins_can_make_non_permissions_changes():
    annotation = _mock_annotation(foo='bar')

    logic.update_annotation(
        annotation,
        fields={'foo': 'changed'},
        has_admin_permission=False)

    assert annotation['foo'] == 'changed'
Esempio n. 13
0
def test_update_annotation_admins_can_change_permissions():
    annotation = _mock_annotation(
        permissions={'admin': ['alice']},
        user='******')

    logic.update_annotation(
        annotation,
        fields={'permissions': 'changed'},
        userid='alice')

    assert annotation['permissions'] == 'changed'
Esempio n. 14
0
def test_update_annotation_does_not_pass_protected_fields_to_update():
    annotation = _mock_annotation()

    logic.update_annotation(
        annotation,
        fields={"foo": "bar", "created": "foo", "updated": "foo", "user": "******", "consumer": "foo", "id": "foo"},
        has_admin_permission=False,
    )

    for field in ("created", "updated", "user", "consumer", "id"):
        assert field not in annotation.update.call_args[0][0]
Esempio n. 15
0
def test_update_annotation_non_admins_can_make_non_permissions_changes():
    annotation = _mock_annotation(foo='bar',
                                  permissions={'admin': ['alice']},
                                  user='******')

    logic.update_annotation(annotation,
                            fields={
                                'foo': 'changed',
                            },
                            userid='bob')

    assert annotation['foo'] == 'changed'
Esempio n. 16
0
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context.model
    schema = schemas.UpdateAnnotationSchema(request, annotation)
    appstruct = schema.validate(_json_payload(request))

    # Update and store the annotation
    logic.update_annotation(annotation, appstruct)

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 17
0
def test_update_annotation_non_admins_can_make_non_permissions_changes():
    annotation = _mock_annotation(
        foo='bar',
        permissions={'admin': ['alice']},
        user='******')

    logic.update_annotation(
        annotation,
        fields={
            'foo': 'changed',
        },
        userid='bob')

    assert annotation['foo'] == 'changed'
Esempio n. 18
0
def update(context, request):
    """Update the fields we received and store the updated version."""
    annotation = context.model
    schema = schemas.UpdateAnnotationSchema(request, annotation)
    appstruct = schema.validate(_json_payload(request))

    # Update and store the annotation
    logic.update_annotation(annotation, appstruct)

    # Notify any subscribers
    _publish_annotation_event(request, annotation, 'update')

    # Return the updated version that was just stored.
    return search_lib.render(annotation)
Esempio n. 19
0
def test_update_annotation_does_not_pass_protected_fields_to_update():
    annotation = _mock_annotation()

    logic.update_annotation(
        annotation,
        fields={
            'foo': 'bar',
            'created': 'foo',
            'updated': 'foo',
            'user': '******',
            'id': 'foo'
        },
        userid='foo')

    for field in ('created', 'updated', 'user', 'id'):
        assert field not in annotation.update.call_args[0][0]
Esempio n. 20
0
def test_update_annotation_does_not_crash_if_annotations_parent_has_no_group(
        Annotation):
    """It shouldn't crash if the parent annotation has no group.

    It shouldn't crash if the annotation is a reply and its parent annotation
    has no 'group' field.

    """
    # No group in the original annotation/reply itself.
    annotation = _mock_annotation()
    assert 'group' not in annotation

    # And no group in the parent annotation either.
    Annotation.fetch.return_value = {}

    logic.update_annotation(annotation, {}, 'foo')
Esempio n. 21
0
def test_update_annotation_does_not_crash_if_annotations_parent_has_no_group(
        Annotation):
    """It shouldn't crash if the parent annotation has no group.

    It shouldn't crash if the annotation is a reply and its parent annotation
    has no 'group' field.

    """
    # No group in the original annotation/reply itself.
    annotation = _mock_annotation()
    assert 'group' not in annotation

    # And no group in the parent annotation either.
    Annotation.fetch.return_value = {}

    logic.update_annotation(annotation, {}, 'foo')
Esempio n. 22
0
def test_update_annotation_does_not_pass_protected_fields_to_update():
    annotation = _mock_annotation()

    logic.update_annotation(
        annotation,
        fields={
            'foo': 'bar',
            'created': 'foo',
            'updated': 'foo',
            'user': '******',
            'consumer': 'foo',
            'id': 'foo'
        },
        has_admin_permission=False)

    for field in ('created', 'updated', 'user', 'consumer', 'id'):
        assert field not in annotation.update.call_args[0][0]
Esempio n. 23
0
def test_update_annotation_does_not_pass_protected_fields_to_update():
    annotation = _mock_annotation()

    logic.update_annotation(
        annotation,
        fields={
            'foo': 'bar',
            'created': 'foo',
            'updated': 'foo',
            'user': '******',
            'consumer': 'foo',
            'id': 'foo'
        },
        has_admin_permission=False)

    for field in ('created', 'updated', 'user', 'consumer', 'id'):
        assert field not in annotation.update.call_args[0][0]
Esempio n. 24
0
def test_update_annotation_if_deleted_does_not_remove_other_principals():
    user = "******"
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            "admin": [user, "someone else"],
            "read": [user, "someone else"],
            "update": [user],
            "delete": [user],
        },
    )
    fields = {"permissions": {"update": ["someone else"], "delete": ["someone else"]}}

    logic.update_annotation(annotation, fields, True)

    for action in annotation["permissions"]:
        assert "someone else" in annotation["permissions"][action]
Esempio n. 25
0
def test_update_annotation_removes_userid_from_permissions_if_deleted():
    user = "******"
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            "admin": [user, "someone else"],
            "read": [user, "someone else"],
            "update": ["someone else"],
            "delete": ["someone else"],
        },
    )
    fields = {"permissions": {"update": [user], "delete": [user]}}

    logic.update_annotation(annotation, fields, True)

    for action in annotation["permissions"]:
        assert user not in annotation["permissions"][action]
Esempio n. 26
0
def test_update_annotation_removes_userid_from_permissions_if_deleted():
    user = '******'
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            'admin': [user, 'someone else'],
            'read': [user, 'someone else'],
            'update': ['someone else'],
            'delete': ['someone else']
        }
    )
    fields = {
        'permissions': {
            'update': [user],
            'delete': [user]
        }
    }

    logic.update_annotation(annotation, fields, True)

    for action in annotation['permissions']:
        assert user not in annotation['permissions'][action]
Esempio n. 27
0
def test_update_annotation_if_deleted_does_not_remove_other_principals():
    user = '******'
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            'admin': [user, 'someone else'],
            'read': [user, 'someone else'],
            'update': [user],
            'delete': [user]
        }
    )
    fields = {
        'permissions': {
            'update': ['someone else'],
            'delete': ['someone else']
        }
    }

    logic.update_annotation(annotation, fields, True)

    for action in annotation['permissions']:
        assert 'someone else' in annotation['permissions'][action]
Esempio n. 28
0
def test_update_annotation_does_not_remove_userid_if_not_deleted():
    userid = 'acct:[email protected]'
    annotation = _mock_annotation(
        deleted=False,
        user=userid,
        permissions={
            'admin': [userid, 'someone else'],
            'read': [userid, 'someone else'],
            'update': ['someone else'],
            'delete': ['someone else']
        }
    )
    fields = {
        'permissions': {
            'update': [userid],
            'delete': [userid]
        }
    }

    logic.update_annotation(annotation, fields, userid)

    for action in annotation['permissions']:
        assert userid in annotation['permissions'][action]
Esempio n. 29
0
def test_update_annotation_if_deleted_does_not_remove_other_principals():
    user = '******'
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            'admin': [user, 'someone else'],
            'read': [user, 'someone else'],
            'update': [user],
            'delete': [user]
        }
    )
    fields = {
        'permissions': {
            'update': ['someone else'],
            'delete': ['someone else']
        }
    }

    logic.update_annotation(annotation, fields, True)

    for action in annotation['permissions']:
        assert 'someone else' in annotation['permissions'][action]
Esempio n. 30
0
def test_update_annotation_removes_userid_from_permissions_if_deleted():
    user = '******'
    annotation = _mock_annotation(
        deleted=True,
        user=user,
        permissions={
            'admin': [user, 'someone else'],
            'read': [user, 'someone else'],
            'update': ['someone else'],
            'delete': ['someone else']
        }
    )
    fields = {
        'permissions': {
            'update': [user],
            'delete': [user]
        }
    }

    logic.update_annotation(annotation, fields, True)

    for action in annotation['permissions']:
        assert user not in annotation['permissions'][action]
Esempio n. 31
0
def test_update_annotation_user_cannot_change_group():
    annotation = _mock_annotation(group='old')
    fields = {'group': 'new'}

    with pytest.raises(RuntimeError):
        logic.update_annotation(annotation, fields, 'foo')
Esempio n. 32
0
def test_update_annotation_calls_save():
    annotation = _mock_annotation()

    logic.update_annotation(annotation, {}, False)

    annotation.save.assert_called_once_with()
Esempio n. 33
0
def test_update_annotation_calls_prepare(search_lib):
    annotation = _mock_annotation()

    logic.update_annotation(annotation, {}, False)

    search_lib.prepare.assert_called_once_with(annotation)
Esempio n. 34
0
def test_update_annotation_user_cannot_change_group():
    annotation = _mock_annotation(group='old')
    fields = {'group': 'new'}

    with pytest.raises(RuntimeError):
        logic.update_annotation(annotation, fields, 'foo')
Esempio n. 35
0
def test_update_annotation_calls_prepare(search_lib):
    annotation = _mock_annotation()

    logic.update_annotation(annotation, {})

    search_lib.prepare.assert_called_once_with(annotation)
Esempio n. 36
0
def test_update_annotation_raises_if_non_admin_changes_perms():
    with pytest.raises(RuntimeError):
        logic.update_annotation(
            _mock_annotation(),
            fields={'permissions': 'changed'},
            has_admin_permission=False)
Esempio n. 37
0
def test_update_annotation_raises_if_non_admin_changes_perms():
    with pytest.raises(RuntimeError):
        logic.update_annotation(
            _mock_annotation(),
            fields={'permissions': 'changed'},
            has_admin_permission=False)
Esempio n. 38
0
def test_update_annotation_raises_if_non_admin_changes_perms():
    with pytest.raises(RuntimeError):
        logic.update_annotation(
            _mock_annotation(permissions={}),
            fields={'permissions': {'read': ['someone']}},
            userid='alice')
Esempio n. 39
0
def test_update_annotation_does_not_crash_if_annotation_has_no_group():
    annotation = _mock_annotation()
    assert 'group' not in annotation

    logic.update_annotation(annotation, {}, 'foo')
Esempio n. 40
0
def test_update_annotation_admins_can_change_permissions():
    annotation = _mock_annotation(permissions="foo")

    logic.update_annotation(annotation, fields={"permissions": "changed"}, has_admin_permission=True)

    assert annotation["permissions"] == "changed"
Esempio n. 41
0
def test_update_annotation_non_admins_can_make_non_permissions_changes():
    annotation = _mock_annotation(foo="bar")

    logic.update_annotation(annotation, fields={"foo": "changed"}, has_admin_permission=False)

    assert annotation["foo"] == "changed"
Esempio n. 42
0
def test_update_annotation_calls_save():
    annotation = _mock_annotation()

    logic.update_annotation(annotation, {})

    annotation.save.assert_called_once_with()
Esempio n. 43
0
def test_update_annotation_does_not_crash_if_annotation_has_no_group():
    annotation = _mock_annotation()
    assert 'group' not in annotation

    logic.update_annotation(annotation, {}, 'foo')