def project(self, user_admin_contrib, user_write_contrib):
project = ProjectFactory(creator=user_admin_contrib, is_public=True)
project.add_contributor(
user_write_contrib,
permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
save=True)
return project
def test_sees_projects_in_her_dashboard(self):
# the user already has a project
project = ProjectFactory(creator=self.user)
project.add_contributor(self.user)
project.save()
res = self.app.get('/myprojects/', auth=self.user.auth)
assert_in('Projects', res) # Projects heading
def test_node_citation_view(self):
node = ProjectFactory()
user = AuthUserFactory()
node.add_contributor(user)
node.save()
response = self.app.get("/api/v1" + "/project/" + node._id + "/citation/", auto_follow=True, auth=user.auth)
assert_true(response.json)
def private_project(self, user, pointer):
private_project = ProjectFactory()
private_project.add_contributor(
user, permissions=[permissions.READ, permissions.WRITE])
private_project.add_pointer(pointer, auth=Auth(user), save=True)
private_project.save()
return private_project
class LogsTestCase(ApiTestCase):
def setUp(self):
super(LogsTestCase, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.action_set = NodeLog.actions
self.node = ProjectFactory(is_public=False)
self.node.add_contributor(self.user, permissions=[osf_permissions.READ], auth=Auth(self.node.creator), log=True, save=True)
logs = list(self.node.logs.order_by('date'))
self.log = logs[0]
self.log_add_contributor = logs[1]
self.public_node = ProjectFactory(is_public=True)
self.public_node.add_contributor(self.user, permissions=[osf_permissions.READ], auth=Auth(self.public_node.creator), log=True, save=True)
public_logs = list(self.public_node.logs.order_by('date'))
self.public_log = public_logs[0]
self.public_log_add_contributor = public_logs[1]
self.node_log_url = '/{}nodes/{}/logs/'.format(API_BASE, self.node._id)
self.url = '/{}logs/'.format(API_BASE)
self.log_nodes_url = self.url + '{}/nodes/'.format(self.log._id)
self.private_log_detail = self.url + '{}/'.format(self.log._id)
self.log_public_nodes_url = self.url + '{}/nodes/'.format(self.public_log._id)
self.public_log_detail = self.url + '{}/'.format(self.public_log._id)
class DraftRegistrationTestCase(ApiTestCase):
def setUp(self):
super(DraftRegistrationTestCase, self).setUp()
self.user = AuthUserFactory()
self.read_only_user = AuthUserFactory()
self.read_write_user = AuthUserFactory()
self.non_contributor = AuthUserFactory()
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_project.add_contributor(self.read_only_user, permissions=[permissions.READ])
self.public_project.add_contributor(self.read_write_user, permissions=[permissions.WRITE])
self.public_project.save()
def prereg_metadata(self, draft):
test_metadata = {}
json_schema = create_jsonschema_from_metaschema(draft.registration_schema.schema)
for key, value in json_schema['properties'].iteritems():
response = 'Test response'
if value['properties']['value'].get('enum'):
response = value['properties']['value']['enum'][0]
if value['properties']['value'].get('properties'):
response = {'question': {'value': 'Test Response'}}
test_metadata[key] = {'value': response}
return test_metadata
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
embargo = registration._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def project(self, user, user_write_contrib):
project = ProjectFactory(creator=user)
project.add_contributor(
user_write_contrib,
permissions=[permissions.READ, permissions.WRITE],
visible=True, save=True)
return project
class TestPreprintConfirmationEmails(OsfTestCase):
def setUp(self):
super(TestPreprintConfirmationEmails, self).setUp()
self.user = AuthUserFactory()
self.write_contrib = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.write_contrib, permissions=[permissions.WRITE])
self.preprint = PreprintFactory(project=self.project, provider=PreprintProviderFactory(_id='osf'), is_published=False)
self.preprint_branded = PreprintFactory(creator=self.user, is_published=False)
@mock.patch('website.mails.send_mail')
def test_creator_gets_email(self, send_mail):
self.preprint.set_published(True, auth=Auth(self.user), save=True)
send_mail.assert_called_with(
self.user.email,
mails.PREPRINT_CONFIRMATION_DEFAULT,
user=self.user,
node=self.preprint.node,
preprint=self.preprint
)
assert_equals(send_mail.call_count, 1)
self.preprint_branded.set_published(True, auth=Auth(self.user), save=True)
assert_equals(send_mail.call_count, 2)
def test_users_projects_in_common_exclude_deleted_projects(
self, app, user_one, user_two):
project_list = []
for x in range(1, 10):
project = ProjectFactory(creator=user_one)
project.add_contributor(
contributor=user_two,
permissions=CREATOR_PERMISSIONS,
auth=Auth(user=user_one)
)
project.save()
project_list.append(project)
for x in range(1, 5):
project = project_list[x]
project.reload()
project.remove_node(auth=Auth(user=user_one))
project.save()
url = '/{}users/{}/nodes/?embed=contributors&show_projects_in_common=true'.format(
API_BASE, user_two._id)
res = app.get(url, auth=user_two.auth)
user_json = res.json['data'][0]['embeds']['contributors']['data']
for user in user_json:
meta = user['embeds']['users']['data']['relationships']['nodes']['links']['related']['meta']
assert 'projects_in_common' in meta
assert meta['projects_in_common'] == 5
class TestPreprintConfirmationEmails(OsfTestCase):
def setUp(self):
super(TestPreprintConfirmationEmails, self).setUp()
self.user = AuthUserFactory()
self.write_contrib = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(self.write_contrib, permissions=[permissions.WRITE])
self.preprint = PreprintFactory(project=self.project, provider=PreprintProviderFactory(_id='osf'), is_published=False)
self.preprint_branded = PreprintFactory(creator=self.user, is_published=False)
@mock.patch('website.mails.send_mail')
def test_creator_gets_email(self, send_mail):
self.preprint.set_published(True, auth=Auth(self.user), save=True)
domain = self.preprint.provider.domain or settings.DOMAIN
send_mail.assert_called_with(
self.user.email,
mails.REVIEWS_SUBMISSION_CONFIRMATION,
user=self.user,
mimetype='html',
provider_url='{}preprints/{}'.format(domain, self.preprint.provider._id),
domain=domain,
provider_contact_email=settings.OSF_CONTACT_EMAIL,
provider_support_email=settings.OSF_SUPPORT_EMAIL,
workflow=None,
reviewable=self.preprint,
is_creator=True,
provider_name=self.preprint.provider.name,
no_future_emails=[],
logo=settings.OSF_PREPRINTS_LOGO,
)
assert_equals(send_mail.call_count, 1)
self.preprint_branded.set_published(True, auth=Auth(self.user), save=True)
assert_equals(send_mail.call_count, 2)
def test_update_wiki_updates_contributor_comments_viewed_timestamp(self):
contributor = AuthUserFactory()
project = ProjectFactory(creator=self.user, is_public=True)
project.add_contributor(contributor)
project.save()
wiki_page = WikiFactory(node=project, page_name='test')
wiki = WikiVersionFactory(wiki_page=wiki_page)
comment = CommentFactory(node=project, target=Guid.load(wiki_page._id), user=self.user)
# user views comments -- sets user.comments_viewed_timestamp
url = project.api_url_for('update_comments_timestamp')
res = self.app.put_json(url, {
'page': 'wiki',
'rootId': wiki_page._id
}, auth=self.user.auth)
assert res.status_code == 200
self.user.reload()
assert wiki_page._id in self.user.comments_viewed_timestamp
# contributor views comments -- sets contributor.comments_viewed_timestamp
res = self.app.put_json(url, {
'page': 'wiki',
'rootId': wiki_page._id
}, auth=contributor.auth)
contributor.reload()
assert wiki_page._id in contributor.comments_viewed_timestamp
# user updates the wiki
project.update_node_wiki('test', 'Updating wiki', self.auth)
comment.reload()
contributor.reload()
new_version_id = project.get_wiki_version('test')._id
assert wiki_page._id in contributor.comments_viewed_timestamp
assert comment.target.referent._id == wiki_page._id
def test_must_have_permission_true(self, mock_from_kwargs, mock_to_nodes):
project = ProjectFactory()
user = UserFactory()
project.add_contributor(user, permissions=[permissions.READ, permissions.WRITE, permissions.ADMIN],
auth=Auth(project.creator))
mock_from_kwargs.return_value = Auth(user=user)
mock_to_nodes.return_value = (None, project)
thriller(node=project)
def test_sees_osffiles_in_project_addon_settings(self):
project = ProjectFactory(creator=self.user)
project.add_contributor(
self.user,
permissions=['read', 'write', 'admin'],
save=True)
res = self.app.get('/{0}/addons/'.format(project._primary_key), auth=self.auth, auto_follow=True)
assert_in('OSF Storage', res)
def project(self, admin_contributor_bib, write_contributor_non_bib, read_contributor_bib):
project = ProjectFactory(
creator=admin_contributor_bib
)
project.add_contributor(write_contributor_non_bib, [READ, WRITE], visible=False)
project.add_contributor(read_contributor_bib, [READ])
project.save()
return project
def public_project(user, read_contrib, write_contrib):
public_project = ProjectFactory(is_public=True, creator=user)
public_project.add_contributor(
read_contrib, permissions=[permissions.READ])
public_project.add_contributor(
write_contrib, permissions=[permissions.READ, permissions.WRITE])
public_project.save()
return public_project
def public_project(self, user, read_only_user, read_write_user):
public_project = ProjectFactory(is_public=True, creator=user)
public_project.add_contributor(
read_only_user, permissions=[permissions.READ])
public_project.add_contributor(
read_write_user, permissions=[permissions.WRITE])
public_project.save()
return public_project
def test_get_public_components_excludes_linked_contributor_projects(self):
# self.user is a contributor to linked project
pointee = ProjectFactory(is_public=True)
pointee.add_contributor(self.user, auth=Auth(pointee.creator))
self.public.add_node_link(pointee, auth=Auth(self.public.creator), save=True)
res = get_public_components(uid=self.user._id)
node_ids = [each['id'] for each in res]
assert_not_in(pointee._id, node_ids)
def node_public(self, user_one):
node_public = ProjectFactory(is_public=True)
node_public.add_contributor(
user_one,
permissions=[osf_permissions.READ],
auth=Auth(node_public.creator),
log=True, save=True
)
return node_public
def project(self, admin, write_contrib):
proj = ProjectFactory(creator=admin)
proj.save()
proj.add_contributor(
contributor=write_contrib,
permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
send_email='access_request',
save=True)
return proj
def test_must_have_permission_true(self, mock_from_kwargs, mock_to_nodes):
project = ProjectFactory()
user = UserFactory()
project.add_contributor(user,
permissions=permissions.ADMIN,
auth=Auth(project.creator))
mock_from_kwargs.return_value = Auth(user=user)
mock_to_nodes.return_value = (None, project)
thriller(node=project)
def test_sees_osffiles_in_project_addon_settings(self):
project = ProjectFactory(creator=self.user)
project.add_contributor(self.user,
permissions=['read', 'write', 'admin'],
save=True)
res = self.app.get('/{0}/addons/'.format(project._primary_key),
auth=self.auth,
auto_follow=True)
assert_in('OSF Storage', res)
def test_cant_see_make_private_button_if_not_admin(self):
# User is a contributor on a project
project = ProjectFactory(is_public=True)
project.add_contributor(self.user,
permissions=['read', 'write'],
save=True)
# User goes to the project page
res = self.app.get(project.url, auth=self.auth).maybe_follow()
assert_not_in('Make Private', res)
class TestNodeFileLogDetail(ApiTestCase):
def setUp(self):
super(TestNodeFileLogDetail, self).setUp()
self.user_one = AuthUserFactory()
self.user_two = AuthUserFactory()
self.node = ProjectFactory(creator=self.user_one)
self.node.add_contributor(self.user_two)
self.component = NodeFactory(parent=self.node, creator=self.user_one)
self.file = api_utils.create_test_file(node=self.component, user=self.user_one)
self.node.add_log(
'osf_storage_file_moved',
auth=Auth(self.user_one),
params={
'node': self.node._id,
'project': self.node.parent_id,
'path': self.file.materialized_path,
'source': {
'materialized': self.file.materialized_path,
'addon': 'osfstorage',
'node': {
'_id': self.component._id,
'url': self.component.url,
'title': self.component.title,
}
},
'destination': {
'materialized': self.file.materialized_path,
'addon': 'osfstorage',
'node': {
'_id': self.node._id,
'url': self.node.url,
'title': self.node.title,
}
}
},
)
self.node.save()
self.node_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.node._id)
self.component_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.component._id)
def test_title_not_hidden_from_contributor_in_file_move(self):
res = self.app.get(self.node_logs_url, auth=self.user_two.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['params']['destination']['node_title'], self.node.title)
def test_title_hidden_from_non_contributor_in_file_move(self):
res = self.app.get(self.node_logs_url, auth=self.user_two.auth)
assert_equal(res.status_code, 200)
assert_not_in(self.component.title, res.json['data'])
assert_equal(res.json['data'][0]['attributes']['params']['source']['node_title'], 'Private Component')
class RegistrationsTestBase(OsfTestCase):
def setUp(self):
super(RegistrationsTestBase, self).setUp()
self.user = AuthUserFactory()
self.auth = Auth(self.user)
self.node = ProjectFactory(creator=self.user)
self.non_admin = AuthUserFactory()
self.node.add_contributor(
self.non_admin,
permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
auth=self.auth,
save=True
)
self.non_contrib = AuthUserFactory()
self.meta_schema = MetaSchema.find_one(
Q('name', 'eq', 'Open-Ended Registration') &
Q('schema_version', 'eq', 2)
)
self.draft = DraftRegistrationFactory(
initiator=self.user,
branched_from=self.node,
registration_schema=self.meta_schema,
registration_metadata={
'summary': {'value': 'Some airy'}
}
)
current_month = timezone.now().strftime("%B")
current_year = timezone.now().strftime("%Y")
valid_date = timezone.now() + dt.timedelta(days=180)
self.embargo_payload = {
u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice': 'embargo'
}
self.invalid_embargo_date_payload = {
u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month,
year=str(int(current_year) - 1)
),
u'registrationChoice': 'embargo'
}
self.immediate_payload = {
'registrationChoice': 'immediate'
}
self.invalid_payload = {
'registrationChoice': 'foobar'
}
def draft_url(self, view_name):
return self.node.web_url_for(view_name, draft_id=self.draft._id)
def draft_api_url(self, view_name):
return self.node.api_url_for(view_name, draft_id=self.draft._id)
def project_public(self, user, user_write_contrib, user_read_contrib):
project_public = ProjectFactory(is_public=True, creator=user)
project_public.add_contributor(
user_write_contrib,
permissions=[permissions.WRITE])
project_public.add_contributor(
user_read_contrib,
permissions=[permissions.READ])
project_public.save()
return project_public
def project(self, admin, write_contrib):
proj = ProjectFactory(creator=admin)
proj.save()
proj.add_contributor(
contributor=write_contrib,
permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
send_email='access_request',
save=True
)
return proj
def test_get_public_components_excludes_linked_contributor_projects(self):
# self.user is a contributor to linked project
pointee = ProjectFactory(is_public=True)
pointee.add_contributor(self.user, auth=Auth(pointee.creator))
self.public.add_node_link(pointee,
auth=Auth(self.public.creator),
save=True)
res = get_public_components(uid=self.user._id)
node_ids = [each['id'] for each in res]
assert_not_in(pointee._id, node_ids)
def test_cant_see_make_private_button_if_not_admin(self):
# User is a contributor on a project
project = ProjectFactory(is_public=True)
project.add_contributor(
self.user,
permissions=['read', 'write'],
save=True)
# User goes to the project page
res = self.app.get(project.url, auth=self.auth).maybe_follow()
assert_not_in('Make Private', res)
def test_cant_see_make_public_button_if_not_admin(self):
# User is a contributor on a project
project = ProjectFactory()
project.add_contributor(
self.user,
permissions=permissions.WRITE,
save=True)
# User goes to the project page
res = self.app.get(project.url, auth=self.auth).maybe_follow()
assert_not_in('Make Public', res)
def test_node_citation_view(self):
node = ProjectFactory()
user = AuthUserFactory()
node.add_contributor(user)
node.save()
response = self.app.get("/api/v1" + "/project/" + node._id +
"/citation/",
auto_follow=True,
auth=user.auth)
assert_true(response.json)
def project(self, user, contribs):
project = ProjectFactory(creator=user)
for contrib in contribs:
if contrib._id != user._id:
project.add_contributor(
contrib,
permissions=[permissions.READ, permissions.WRITE],
visible=True,
save=True)
return project
def project_public(self, user, user_write_contrib, user_read_contrib):
project_public = ProjectFactory(is_public=True, creator=user)
project_public.add_contributor(
user_write_contrib,
permissions=[permissions.WRITE])
project_public.add_contributor(
user_read_contrib,
permissions=[permissions.READ])
project_public.save()
return project_public
def project_public(self, user, user_write_contrib, user_read_contrib,
group, group_mem):
project_public = ProjectFactory(is_public=True, creator=user)
project_public.add_contributor(user_write_contrib,
permissions=permissions.WRITE)
project_public.add_contributor(user_read_contrib,
permissions=permissions.READ)
project_public.save()
project_public.add_osf_group(group, permissions.ADMIN)
return project_public
def project(self, user, contribs):
project = ProjectFactory(creator=user)
for contrib in contribs:
if contrib._id != user._id:
project.add_contributor(
contrib,
permissions=[permissions.READ, permissions.WRITE],
visible=True,
save=True
)
return project
def project_public(self, user_admin, read_write_contrib):
project_public = ProjectFactory(title='Project One',
is_public=True,
creator=user_admin)
project_public.add_contributor(
user_admin, permissions=permissions.CREATOR_PERMISSIONS, save=True)
project_public.add_contributor(
read_write_contrib,
permissions=permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
save=True)
return project_public
def private_project(self, user):
private_project = ProjectFactory()
private_project.add_contributor(
user,
permissions=[
permissions.READ,
permissions.WRITE
]
)
private_project.save()
return private_project
def private_project(self, user):
private_project = ProjectFactory()
private_project.add_contributor(
user,
permissions=[
permissions.READ,
permissions.WRITE
]
)
private_project.save()
return private_project
def public_node_one(admin, read_contrib, write_contrib):
public_node_one = ProjectFactory(is_public=True,
creator=admin,
title='Public One')
public_node_one.add_contributor(read_contrib,
permissions=permissions.READ,
save=True)
public_node_one.add_contributor(write_contrib,
permissions=permissions.WRITE,
save=True)
return public_node_one
def private_node_two(admin, read_contrib, write_contrib):
private_node_two = ProjectFactory(is_public=False,
creator=admin,
title='Private Two')
private_node_two.add_contributor(read_contrib,
permissions=permissions.READ,
save=True)
private_node_two.add_contributor(write_contrib,
permissions=permissions.WRITE,
save=True)
return private_node_two
class RegistrationsTestBase(OsfTestCase):
def setUp(self):
super(RegistrationsTestBase, self).setUp()
self.user = AuthUserFactory()
self.auth = Auth(self.user)
self.node = ProjectFactory(creator=self.user)
self.non_admin = AuthUserFactory()
self.node.add_contributor(
self.non_admin,
permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
auth=self.auth,
save=True
)
self.non_contrib = AuthUserFactory()
self.meta_schema = MetaSchema.objects.get(name='Open-Ended Registration', schema_version=2)
self.draft = DraftRegistrationFactory(
initiator=self.user,
branched_from=self.node,
registration_schema=self.meta_schema,
registration_metadata={
'summary': {'value': 'Some airy'}
}
)
current_month = timezone.now().strftime("%B")
current_year = timezone.now().strftime("%Y")
valid_date = timezone.now() + dt.timedelta(days=180)
self.embargo_payload = {
u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice': 'embargo'
}
self.invalid_embargo_date_payload = {
u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month,
year=str(int(current_year) - 1)
),
u'registrationChoice': 'embargo'
}
self.immediate_payload = {
'registrationChoice': 'immediate'
}
self.invalid_payload = {
'registrationChoice': 'foobar'
}
def draft_url(self, view_name):
return self.node.web_url_for(view_name, draft_id=self.draft._id)
def draft_api_url(self, view_name):
return self.node.api_url_for(view_name, draft_id=self.draft._id)
def private_node_one(admin, read_contrib, write_contrib):
private_node_one = ProjectFactory(is_public=False,
creator=admin,
title='Private One')
private_node_one.add_contributor(read_contrib,
permissions=[permissions.READ],
save=True)
private_node_one.add_contributor(
write_contrib,
permissions=[permissions.READ, permissions.WRITE],
save=True)
return private_node_one
def public_node_one(admin, read_contrib, write_contrib):
public_node_one = ProjectFactory(
is_public=True, creator=admin, title='Public One')
public_node_one.add_contributor(
read_contrib, permissions=[permissions.READ], save=True)
public_node_one.add_contributor(
write_contrib,
permissions=[
permissions.READ,
permissions.WRITE],
save=True)
return public_node_one
class TestUserSpamListView(AdminTestCase):
def setUp(self):
super(TestUserSpamListView, self).setUp()
self.project = ProjectFactory(is_public=True)
self.user_1 = AuthUserFactory()
self.user_2 = AuthUserFactory()
self.project.add_contributor(self.user_1)
self.project.add_contributor(self.user_2)
self.project.save()
self.user_1.save()
self.user_2.save()
self.comment_1 = CommentFactory(node=self.project, user=self.user_1)
self.comment_2 = CommentFactory(node=self.project, user=self.user_1)
self.comment_3 = CommentFactory(node=self.project, user=self.user_1)
self.comment_4 = CommentFactory(node=self.project, user=self.user_1)
self.comment_5 = CommentFactory(node=self.project, user=self.user_2)
self.comment_6 = CommentFactory(node=self.project, user=self.user_2)
self.comment_1.report_abuse(user=self.user_2,
save=True,
category='spam')
self.comment_2.report_abuse(user=self.user_2,
save=True,
category='spam')
self.comment_3.report_abuse(user=self.user_2,
save=True,
category='spam')
self.comment_4.report_abuse(user=self.user_2,
save=True,
category='spam')
self.comment_5.report_abuse(user=self.user_1,
save=True,
category='spam')
self.comment_6.report_abuse(user=self.user_1,
save=True,
category='spam')
self.request = RequestFactory().get('/fake_path')
self.view = UserSpamList()
self.view = setup_view(self.view,
self.request,
user_id=self.user_1._id)
def test_get_user_spam(self):
res = list(self.view.get_queryset())
nt.assert_equal(len(res), 4)
def test_get_context_data(self):
self.view.object_list = self.view.get_queryset()
res = self.view.get_context_data()
nt.assert_is_instance(res['spam'], list)
nt.assert_is_instance(res['spam'][0], dict)
nt.assert_equal(res['status'], '1')
nt.assert_equal(res['page_number'], 1)
nt.assert_equal(res['user_id'], self.user_1._id)
def public_node_two(admin, read_contrib, write_contrib):
public_node_two = ProjectFactory(
is_public=True, creator=admin, title='Public Two')
public_node_two.add_contributor(
read_contrib, permissions=[permissions.READ], save=True)
public_node_two.add_contributor(
write_contrib,
permissions=[
permissions.READ,
permissions.WRITE],
save=True)
return public_node_two
def new_project(creator, public=True, contrib=None, citation=False, registration=False):
project = ProjectFactory(creator=creator, is_public=public)
if contrib:
project.add_contributor(contrib, permissions=[permissions.READ, permissions.WRITE], visible=True)
if citation:
citation = AlternativeCitationFactory(name='name', text='text')
project.alternative_citations.add(citation)
project.save()
if registration:
registration = RegistrationFactory(project=project, is_public=public)
return registration
return project
def private_node_one(self, creation_user, contributing_read_user,
contributing_write_user):
private_node_one = ProjectFactory(is_public=False,
creator=creation_user,
title='Private One')
private_node_one.add_contributor(contributing_read_user,
permissions=permissions.READ,
save=True)
private_node_one.add_contributor(contributing_write_user,
permissions=permissions.WRITE,
save=True)
return private_node_one
class TestPrivateLinkView(OsfTestCase):
def setUp(self):
super(TestPrivateLinkView, self).setUp()
self.user = AuthUserFactory() # Is NOT a contributor
self.project = ProjectFactory(is_public=False)
self.link = PrivateLinkFactory(anonymous=True)
self.link.nodes.add(self.project)
self.link.save()
self.project_url = self.project.web_url_for('view_project')
def test_anonymous_link_hide_contributor(self):
res = self.app.get(self.project_url, {'view_only': self.link.key})
assert_in('Anonymous Contributors', res.body)
assert_not_in(self.user.fullname, res)
def test_anonymous_link_hides_citations(self):
res = self.app.get(self.project_url, {'view_only': self.link.key})
assert_not_in('Citation:', res)
def test_no_warning_for_read_only_user_with_valid_link(self):
link2 = PrivateLinkFactory(anonymous=False)
link2.nodes.add(self.project)
link2.save()
self.project.add_contributor(
self.user,
permissions=['read'],
save=True,
)
res = self.app.get(self.project_url, {'view_only': link2.key},
auth=self.user.auth)
assert_not_in(
'is being viewed through a private, view-only link. '
'Anyone with the link can view this project. Keep '
'the link safe.',
res.body
)
def test_no_warning_for_read_only_user_with_invalid_link(self):
self.project.add_contributor(
self.user,
permissions=['read'],
save=True,
)
res = self.app.get(self.project_url, {'view_only': 'not_valid'},
auth=self.user.auth)
assert_not_in(
'is being viewed through a private, view-only link. '
'Anyone with the link can view this project. Keep '
'the link safe.',
res.body
)
class TestPrivateLinkView(OsfTestCase):
def setUp(self):
super(TestPrivateLinkView, self).setUp()
self.user = AuthUserFactory() # Is NOT a contributor
self.project = ProjectFactory(is_public=False)
self.link = PrivateLinkFactory(anonymous=True)
self.link.nodes.add(self.project)
self.link.save()
self.project_url = self.project.web_url_for('view_project')
def test_anonymous_link_hide_contributor(self):
res = self.app.get(self.project_url, {'view_only': self.link.key})
assert_in('Anonymous Contributors', res.body)
assert_not_in(self.user.fullname, res)
def test_anonymous_link_hides_citations(self):
res = self.app.get(self.project_url, {'view_only': self.link.key})
assert_not_in('Citation:', res)
def test_no_warning_for_read_only_user_with_valid_link(self):
link2 = PrivateLinkFactory(anonymous=False)
link2.nodes.add(self.project)
link2.save()
self.project.add_contributor(
self.user,
permissions=['read'],
save=True,
)
res = self.app.get(self.project_url, {'view_only': link2.key},
auth=self.user.auth)
assert_not_in(
'is being viewed through a private, view-only link. '
'Anyone with the link can view this project. Keep '
'the link safe.',
res.body
)
def test_no_warning_for_read_only_user_with_invalid_link(self):
self.project.add_contributor(
self.user,
permissions=['read'],
save=True,
)
res = self.app.get(self.project_url, {'view_only': 'not_valid'},
auth=self.user.auth)
assert_not_in(
'is being viewed through a private, view-only link. '
'Anyone with the link can view this project. Keep '
'the link safe.',
res.body
)
def test_non_visible_contributors_arent_included_in_csl(self):
node = ProjectFactory()
visible = UserFactory()
node.add_contributor(visible, auth=Auth(node.creator))
invisible = UserFactory()
node.add_contributor(invisible, auth=Auth(node.creator), visible=False)
node.save()
assert_equal(len(node.csl['author']), 2)
expected_authors = [
contrib.csl_name(node._id) for contrib in [node.creator, visible]
]
assert_equal(node.csl['author'], expected_authors)
def test_non_visible_contributors_arent_included_in_csl(self):
node = ProjectFactory()
visible = UserFactory()
node.add_contributor(visible, auth=Auth(node.creator))
invisible = UserFactory()
node.add_contributor(invisible, auth=Auth(node.creator), visible=False)
node.save()
assert_equal(len(node.csl['author']), 2)
expected_authors = [
contrib.csl_name(node._id) for contrib in [node.creator, visible]
]
assert_equal(node.csl['author'], expected_authors)
def test_users_projects_in_common_with_embed_without_right_query(self):
project = ProjectFactory(creator=self.user_one)
project.add_contributor(contributor=self.user_two,
permissions=CREATOR_PERMISSIONS,
auth=Auth(user=self.user_one))
project.save()
url = "/{}users/{}/nodes/?embed=contributors".format(
API_BASE, self.user_two._id)
res = self.app.get(url, auth=self.user_two.auth)
user_json = res.json['data'][0]['embeds']['contributors']['data']
for user in user_json:
meta = user['embeds']['users']['data']['relationships']['nodes'][
'links']['related']['meta']
assert_not_in('projects_in_common', meta)
def test_users_projects_in_common_with_embed_and_right_query(self, app, user_one, user_two):
project = ProjectFactory(creator=user_one)
project.add_contributor(
contributor=user_two,
permissions=CREATOR_PERMISSIONS,
auth=Auth(user=user_one)
)
project.save()
url = '/{}users/{}/nodes/?embed=contributors&show_projects_in_common=true'.format(API_BASE, user_two._id)
res = app.get(url, auth=user_two.auth)
user_json = res.json['data'][0]['embeds']['contributors']['data']
for user in user_json:
meta = user['embeds']['users']['data']['relationships']['nodes']['links']['related']['meta']
assert 'projects_in_common' in meta
assert meta['projects_in_common'] == 1
class TestViewProject(OsfTestCase):
def setUp(self):
super(TestViewProject, self).setUp()
self.user = UserFactory()
self.node = ProjectFactory(creator=self.user)
# related to https://github.com/CenterForOpenScience/openscienceframework.org/issues/1109
def test_view_project_pointer_count_excludes_folders(self):
pointer_project = ProjectFactory(
is_public=True) # project that points to another project
pointed_project = self.node # project that other project points to
pointer_project.add_pointer(pointed_project,
Auth(pointer_project.creator),
save=True)
# Project is in a organizer collection
folder = CollectionFactory(creator=pointed_project.creator)
folder.add_pointer(pointed_project,
Auth(pointed_project.creator),
save=True)
result = _view_project(pointed_project, Auth(pointed_project.creator))
# pointer_project is included in count, but not folder
assert_equal(result['node']['points'], 1)
def test_view_project_pending_registration_for_admin_contributor_does_contain_cancel_link(
self):
pending_reg = RegistrationFactory(project=self.node, archive=True)
assert_true(pending_reg.is_pending_registration)
result = _view_project(pending_reg, Auth(self.user))
assert_not_equal(result['node']['disapproval_link'], '')
assert_in('/?token=', result['node']['disapproval_link'])
pending_reg.remove()
def test_view_project_pending_registration_for_write_contributor_does_not_contain_cancel_link(
self):
write_user = UserFactory()
self.node.add_contributor(write_user,
permissions=permissions.WRITE,
auth=Auth(self.user),
save=True)
pending_reg = RegistrationFactory(project=self.node, archive=True)
assert_true(pending_reg.is_pending_registration)
result = _view_project(pending_reg, Auth(write_user))
assert_equal(result['node']['disapproval_link'], '')
pending_reg.remove()
def test_import_auth_cant_write_node(self):
ea = self.ExternalAccountFactory()
user = AuthUserFactory()
user.add_addon(self.ADDON_SHORT_NAME, auth=Auth(user))
user.external_accounts.add(ea)
user.save()
node = ProjectFactory(creator=self.user)
node.add_contributor(user, permissions=[permissions.READ], auth=self.auth, save=True)
node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth)
node.save()
url = node.api_url_for('{0}_import_auth'.format(self.ADDON_SHORT_NAME))
res = self.app.put_json(url, {
'external_account_id': ea._id
}, auth=user.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
class TestPreprintIsPublishedDetail(ApiTestCase):
def setUp(self):
super(TestPreprintIsPublishedDetail, self).setUp()
self.admin = AuthUserFactory()
self.write_contrib = AuthUserFactory()
self.non_contrib = AuthUserFactory()
self.public_project = ProjectFactory(creator=self.admin,
is_public=True)
self.public_project.add_contributor(self.write_contrib,
permissions=['read', 'write'],
save=True)
self.subject = SubjectFactory()
self.provider = PreprintProviderFactory()
self.file_one_public_project = test_utils.create_test_file(
self.public_project, self.admin, 'mgla.pdf')
self.unpublished_preprint = PreprintFactory(
creator=self.admin,
filename='mgla.pdf',
provider=self.provider,
subjects=[[self.subject._id]],
project=self.public_project,
is_published=False)
self.url = '/{}preprints/{}/'.format(API_BASE,
self.unpublished_preprint._id)
def test_unpublished_visible_to_admins(self):
res = self.app.get(self.url, auth=self.admin.auth)
assert res.json['data']['id'] == self.unpublished_preprint._id
def test_unpublished_invisible_to_write_contribs(self):
res = self.app.get(self.url,
auth=self.write_contrib.auth,
expect_errors=True)
assert res.status_code == 403
def test_unpublished_invisible_to_non_contribs(self):
res = self.app.get(self.url,
auth=self.non_contrib.auth,
expect_errors=True)
assert res.status_code == 403
def test_unpublished_invisible_to_public(self):
res = self.app.get(self.url, expect_errors=True)
assert res.status_code == 401
class TestGithubViews(OsfTestCase):
def setUp(self):
super(TestGithubViews, self).setUp()
self.user = AuthUserFactory()
self.consolidated_auth = Auth(user=self.user)
self.project = ProjectFactory(creator=self.user)
self.non_authenticator = UserFactory()
self.project.add_contributor(
contributor=self.non_authenticator,
auth=self.consolidated_auth,
)
self.project.creator.add_addon('github')
self.project.creator.external_accounts.add(GitHubAccountFactory())
self.project.creator.save()
self.project.save()
self.project.add_addon('github', auth=self.consolidated_auth)
self.github = create_mock_github(user='******', private=False)
self.node_settings = self.project.get_addon('github')
self.node_settings.user_settings = self.project.creator.get_addon('github')
# Set the node addon settings to correspond to the values of the mock repo
self.node_settings.user = self.github.repo.return_value.owner.login
self.node_settings.repo = self.github.repo.return_value.name
self.node_settings.save()
def _get_sha_for_branch(self, branch=None, mock_branches=None):
github_mock = self.github
if mock_branches is None:
mock_branches = github_mock.branches
if branch is None: # Get default branch name
branch = self.github.repo.return_value.default_branch
for each in mock_branches.return_value:
if each.name == branch:
branch_sha = each.commit.sha
return branch_sha
# Tests for _get_refs
@mock.patch('addons.github.api.GitHubClient.branches')
@mock.patch('addons.github.api.GitHubClient.repo')
def test_get_refs_defaults(self, mock_repo, mock_branches):
github_mock = self.github
mock_repo.return_value = github_mock.repo.return_value
mock_branches.return_value = github_mock.branches.return_value
branch, sha, branches = utils.get_refs(self.node_settings)
def test_implicit_admins_can_see_project_status(self):
project = ProjectFactory(creator=self.admin)
component = NodeFactory(creator=self.admin, parent=project)
project.add_contributor(self.write_contrib, ['read', 'write', 'admin'])
project.save()
preprint = PreprintFactory(creator=self.admin, filename='mgla.pdf', provider=self.provider_one, subjects=[[self.subject_one._id]], project=component, is_published=True)
preprint.machine_state = 'pending'
provider = PreprintProviderFactory(reviews_workflow='post-moderation')
preprint.provider = provider
preprint.save()
url = component.web_url_for('view_project')
res = self.app.get(url, auth=self.write_contrib.auth)
assert_in('{}'.format(preprint.provider.name), res.body)
assert_in('Pending\n', res.body)
assert_in('This preprint is publicly available and searchable but is subject to removal by a moderator.', res.body)
def test_serialize_node_summary_private_fork_private_project_should_include_is_fork(self):
# contributor on a private project
user = UserFactory()
node = ProjectFactory(is_public=False)
node.add_contributor(user)
# contributor cannot see private fork of this project
consolidated_auth = Auth(user=node.creator)
fork = node.fork_node(consolidated_auth)
res = serialize_node_summary(
fork, auth=Auth(user),
primary=True,
)
# serialized result should have is_fork
assert_false(res['can_view'])
assert_true(res['is_fork'])
class ViewOnlyLinkTestCase(ApiTestCase):
def setUp(self):
super(ViewOnlyLinkTestCase, self).setUp()
self.user = AuthUserFactory()
self.read_only_user = AuthUserFactory()
self.read_write_user = AuthUserFactory()
self.non_contributor = AuthUserFactory()
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_project.add_contributor(self.read_only_user, permissions=[permissions.READ])
self.public_project.add_contributor(self.read_write_user, permissions=[permissions.WRITE])
self.public_project.save()
self.view_only_link = PrivateLinkFactory(name='testlink')
self.view_only_link.nodes.add(self.public_project)
self.view_only_link.save()
