class RegistrationApprovalModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationApprovalModelTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = timezone.now() + datetime.timedelta(
days=3)
def test__require_approval_saves_approval(self):
initial_count = RegistrationApproval.objects.all().count()
self.registration._initiate_approval(self.user)
assert_equal(RegistrationApproval.objects.all().count(),
initial_count + 1)
def test__initiate_approval_does_not_create_tokens_for_unregistered_admin(
self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(node=self.registration,
user=unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user,
'admin'))
approval = self.registration._initiate_approval(self.user)
assert_true(self.user._id in approval.approval_state)
assert_false(unconfirmed_user._id in approval.approval_state)
def test__initiate_approval_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin,
auth=Auth(project.creator),
save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin,
auth=Auth(child.creator),
save=True)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child) # noqa
registration = RegistrationFactory(project=project)
approval = registration._initiate_approval(registration.creator)
assert_in(project_admin._id, approval.approval_state)
assert_in(child_admin._id, approval.approval_state)
assert_in(grandchild_admin._id, approval.approval_state)
assert_not_in(project_non_admin._id, approval.approval_state)
assert_not_in(child_non_admin._id, approval.approval_state)
def test_require_approval_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.require_approval(self.user)
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.registration_approval.approve(
self.user, invalid_approval_token)
assert_true(self.registration.is_pending_registration)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(self.user, )
self.registration.save()
assert_true(self.registration.is_pending_registration)
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.approve(
non_admin, approval_token)
assert_true(self.registration.is_pending_registration)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.require_approval(self.user)
self.registration.save()
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
self.registration.registration_approval.approve(
self.user, approval_token)
# adds initiated, approved, and registered logs
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 3)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.require_approval(self.user)
self.registration.save()
# First admin approves
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
self.registration.registration_approval.approve(
self.user, approval_token)
assert_true(self.registration.is_pending_registration)
num_of_approvals = sum([
val['has_approved'] for val in
self.registration.registration_approval.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.registration_approval.approval_state[
admin2._id]['approval_token']
self.registration.registration_approval.approve(admin2, approval_token)
assert_false(self.registration.is_pending_registration)
num_of_approvals = sum([
val['has_approved'] for val in
self.registration.registration_approval.approval_state.values()
])
assert_equal(num_of_approvals, 2)
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(
self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.registration_approval.reject(
self.user, fake.sentence())
assert_true(self.registration.is_pending_registration)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.reject(
non_admin, rejection_token)
assert_true(self.registration.is_pending_registration)
def test_one_disapproval_cancels_registration_approval(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user,
rejection_token)
assert_equal(self.registration.registration_approval.state,
Sanction.REJECTED)
assert_false(self.registration.is_pending_registration)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.require_approval(self.user)
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.registration_approval.reject(self.user,
rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(registered_from.logs.count(), initial_project_logs + 2)
def test_cancelling_registration_approval_deletes_parent_registration(
self):
self.registration.require_approval(self.user)
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user,
rejection_token)
self.registration.reload()
assert_equal(self.registration.registration_approval.state,
Sanction.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_registration_approval_deletes_component_registrations(
self):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
NodeFactory(creator=self.user, parent=component, title='Subcomponent')
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.require_approval(self.user)
project_registration.save()
rejection_token = project_registration.registration_approval.approval_state[
self.user._id]['rejection_token']
project_registration.registration_approval.reject(
self.user, rejection_token)
project_registration.reload()
component_registration.reload()
subcomponent_registration.reload()
assert_equal(project_registration.registration_approval.state,
Sanction.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_new_registration_is_pending_registration(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
def test_on_complete_notify_initiator(self):
self.registration.require_approval(self.user,
notify_initiator_on_complete=True)
self.registration.save()
with mock.patch.object(PreregCallbackMixin,
'_notify_initiator') as mock_notify:
self.registration.registration_approval._on_complete(self.user)
assert_equal(mock_notify.call_count, 1)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin,
parent=project,
is_public=False)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child,
is_public=False) # noqa
registration = RegistrationFactory(project=project)
with mock.patch.object(PreregCallbackMixin, '_notify_initiator'):
registration.registration_approval._on_complete(self.user)
def test__on_complete_raises_error_if_project_is_spam(self):
self.registration.require_approval(self.user,
notify_initiator_on_complete=True)
self.registration.spam_status = SpamStatus.FLAGGED
self.registration.save()
with mock.patch.object(PreregCallbackMixin,
'_notify_initiator') as mock_notify:
with assert_raises(NodeStateError):
self.registration.registration_approval._on_complete(self.user)
assert_equal(mock_notify.call_count, 0)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(creator=self.user, project=self.project)
def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
@mock.patch('flask.redirect')
def test_GET_approve_with_valid_token_redirects(self, mock_redirect):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.app.get(
self.registration.web_url_for('view_project', token=approval_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
assert_true(mock_redirect.called_with(self.registration.web_url_for('view_project')))
def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
self.registration.embargo.reload()
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_rejection_token = self.registration.embargo.approval_state[admin2._id]['rejection_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_rejection_token),
auth=self.user.auth,
expect_errors=True
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_valid(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[self.user._id]['rejection_token']
res = self.app.get(
registration.registered_from.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 200)
assert_equal(project.web_url_for('view_project'), res.request.path)
def test_GET_disapprove_for_existing_registration_returns_200(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
assert_equal(res.status_code, 200)
assert_equal(res.request.path, self.registration.web_url_for('view_project'))
def test_GET_from_unauthorized_user_with_registration_token(self):
unauthorized_user = AuthUserFactory()
self.registration.require_approval(self.user)
self.registration.save()
app_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
# Test unauth user cannot approve
res = self.app.get(
# approval token goes through registration
self.registration.web_url_for('view_project', token=app_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test unauth user cannot reject
res = self.app.get(
# rejection token goes through registration parent
self.project.web_url_for('view_project', token=rej_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Delete Node and try again
self.project.is_deleted = True
self.project.save()
# Test unauth user cannot approve deleted node
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test unauth user cannot reject
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test auth user can approve registration with deleted parent
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_app_token(self):
self.registration.require_approval(self.user)
self.registration.save()
app_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_rej_token(self):
self.registration.require_approval(self.user)
self.registration.save()
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_rej_token_deleted_node(self):
self.registration.require_approval(self.user)
self.registration.save()
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
self.project.is_deleted = True
self.project.save()
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 410)
res = self.app.get(
self.registration.web_url_for('view_project'),
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 410)
class RegistrationApprovalModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationApprovalModelTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = timezone.now() + datetime.timedelta(days=3)
def test__require_approval_saves_approval(self):
initial_count = RegistrationApproval.objects.all().count()
self.registration._initiate_approval(
self.user
)
assert_equal(RegistrationApproval.objects.all().count(), initial_count + 1)
def test__initiate_approval_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(node=self.registration, user=unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
approval = self.registration._initiate_approval(
self.user
)
assert_true(self.user._id in approval.approval_state)
assert_false(unconfirmed_user._id in approval.approval_state)
def test__initiate_approval_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
approval = registration._initiate_approval(registration.creator)
assert_in(project_admin._id, approval.approval_state)
assert_in(child_admin._id, approval.approval_state)
assert_in(grandchild_admin._id, approval.approval_state)
assert_not_in(project_non_admin._id, approval.approval_state)
assert_not_in(child_non_admin._id, approval.approval_state)
def test_require_approval_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.require_approval(self.user)
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.require_approval(
self.user
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.registration_approval.approve(self.user, invalid_approval_token)
assert_true(self.registration.is_pending_registration)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(
self.user,
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
approval_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.approve(non_admin, approval_token)
assert_true(self.registration.is_pending_registration)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.require_approval(
self.user
)
self.registration.save()
approval_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
self.registration.registration_approval.approve(self.user, approval_token)
# adds initiated, approved, and registered logs
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 3)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.require_approval(
self.user
)
self.registration.save()
# First admin approves
approval_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
self.registration.registration_approval.approve(self.user, approval_token)
assert_true(self.registration.is_pending_registration)
num_of_approvals = sum([val['has_approved'] for val in self.registration.registration_approval.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.registration_approval.approval_state[admin2._id]['approval_token']
self.registration.registration_approval.approve(admin2, approval_token)
assert_false(self.registration.is_pending_registration)
num_of_approvals = sum([val['has_approved'] for val in self.registration.registration_approval.approval_state.values()])
assert_equal(num_of_approvals, 2)
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.require_approval(
self.user
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.registration_approval.reject(self.user, fake.sentence())
assert_true(self.registration.is_pending_registration)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(
self.user
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.reject(non_admin, rejection_token)
assert_true(self.registration.is_pending_registration)
def test_one_disapproval_cancels_registration_approval(self):
self.registration.require_approval(
self.user
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user, rejection_token)
assert_equal(self.registration.registration_approval.state, Sanction.REJECTED)
assert_false(self.registration.is_pending_registration)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.require_approval(self.user)
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.registration_approval.reject(self.user, rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(registered_from.logs.count(), initial_project_logs + 2)
def test_cancelling_registration_approval_deletes_parent_registration(self):
self.registration.require_approval(
self.user
)
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user, rejection_token)
self.registration.reload()
assert_equal(self.registration.registration_approval.state, Sanction.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_registration_approval_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.require_approval(
self.user
)
project_registration.save()
rejection_token = project_registration.registration_approval.approval_state[self.user._id]['rejection_token']
project_registration.registration_approval.reject(self.user, rejection_token)
project_registration.reload()
component_registration.reload()
subcomponent_registration.reload()
assert_equal(project_registration.registration_approval.state, Sanction.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_new_registration_is_pending_registration(self):
self.registration.require_approval(
self.user
)
self.registration.save()
assert_true(self.registration.is_pending_registration)
def test_on_complete_notify_initiator(self):
self.registration.require_approval(
self.user,
notify_initiator_on_complete=True
)
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
self.registration.registration_approval._on_complete(self.user)
assert_equal(mock_notify.call_count, 1)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin, parent=project, is_public=False)
grandchild = NodeFactory(creator=grandchild_admin, parent=child, is_public=False) # noqa
registration = RegistrationFactory(project=project)
with mock.patch.object(PreregCallbackMixin, '_notify_initiator'):
registration.registration_approval._on_complete(self.user)
def test__on_complete_raises_error_if_project_is_spam(self):
self.registration.require_approval(
self.user,
notify_initiator_on_complete=True
)
self.registration.spam_status = SpamStatus.FLAGGED
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
with assert_raises(NodeStateError):
self.registration.registration_approval._on_complete(self.user)
assert_equal(mock_notify.call_count, 0)
class RegistrationEmbargoModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoModelsTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = timezone.now() + datetime.timedelta(days=3)
# Node#_initiate_embargo tests
def test__initiate_embargo_saves_embargo(self):
initial_count = Embargo.objects.all().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_equal(Embargo.objects.all().count(), initial_count + 1)
def test_state_can_be_set_to_complete(self):
embargo = EmbargoFactory()
embargo.state = Embargo.COMPLETED
embargo.save() # should pass validation
assert_equal(embargo.state, Embargo.COMPLETED)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(user=unconfirmed_user, node=self.registration)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
embargo = self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_true(self.user._id in embargo.approval_state)
assert_false(unconfirmed_user._id in embargo.approval_state)
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
embargo = registration._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def test__initiate_embargo_with_save_does_save_embargo(self):
initial_count = Embargo.objects.all().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True,
)
assert_equal(Embargo.objects.all().count(), initial_count + 1)
# Node#embargo_registration tests
def test_embargo_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
def test_embargo_end_date_in_past_raises_ValueError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
datetime.datetime(1999, 1, 1, tzinfo=pytz.utc)
)
def test_embargo_end_date_today_raises_ValueError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
timezone.now()
)
def test_embargo_end_date_in_far_future_raises_ValidationError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
datetime.datetime(2099, 1, 1, tzinfo=pytz.utc)
)
def test_embargo_with_valid_end_date_starts_pending_embargo(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
def test_embargo_public_project_makes_private_pending_embargo(self):
self.registration.is_public = True
assert_true(self.registration.is_public)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.is_public)
# Embargo#approve_embargo tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.embargo.approve_embargo(self.user, invalid_approval_token)
assert_true(self.registration.is_pending_embargo)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.embargo.approve_embargo(non_admin, approval_token)
assert_true(self.registration.is_pending_embargo)
def test_one_approval_with_one_admin_embargoes(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
# Logs: Created, registered, embargo initiated, embargo approved
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 2)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
# First admin approves
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
self.registration.embargo.approve_embargo(admin2, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 2)
# Embargo#disapprove_embargo tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.embargo.disapprove_embargo(self.user, fake.sentence())
assert_true(self.registration.is_pending_embargo)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.embargo.disapprove_embargo(non_admin, rejection_token)
assert_true(self.registration.is_pending_embargo)
def test_one_disapproval_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(registered_from.logs.count(), initial_project_logs + 2)
def test_cancelling_embargo_deletes_parent_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
self.registration.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory( # subcomponent
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
project_registration.save()
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
project_registration.reload()
assert_true(project_registration.is_deleted)
component_registration.reload()
assert_true(component_registration.is_deleted)
subcomponent_registration.reload()
assert_true(subcomponent_registration.is_deleted)
def test_cancelling_embargo_for_existing_registration_does_not_delete_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory( # subcomponent
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
# Embargo property tests
def test_new_registration_is_pending_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo_for_existing_registration)
def test_existing_registration_is_not_pending_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_false(self.registration.is_pending_embargo_for_existing_registration)
def test_on_complete_notify_initiator(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
notify_initiator_on_complete=True
)
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
self.registration.embargo._on_complete(self.user)
assert_equal(mock_notify.call_count, 1)
def test_on_complete_raises_error_if_registration_is_spam(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
notify_initiator_on_complete=True
)
self.registration.spam_status = SpamStatus.FLAGGED
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
with assert_raises(NodeStateError):
self.registration.embargo._on_complete(self.user)
assert_equal(mock_notify.call_count, 0)
# Regression for OSF-8840
def test_public_embargo_cannot_be_deleted_with_initial_token(self):
embargo_termination_approval = EmbargoTerminationApprovalFactory()
registration = Registration.objects.get(embargo_termination_approval=embargo_termination_approval)
user = registration.contributors.first()
registration.terminate_embargo(Auth(user))
rejection_token = registration.embargo.approval_state[user._id]['rejection_token']
with assert_raises(HTTPError) as e:
registration.embargo.disapprove_embargo(user, rejection_token)
registration.refresh_from_db()
assert registration.is_deleted is False
class RegistrationRetractionModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionModelsTestCase, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user,
is_public=True)
self.valid_justification = fake.sentence()
self.invalid_justification = fake.text(max_nb_chars=3000)
def test_set_public_registration_to_private_raises_NodeStateException(
self):
self.registration.save()
with assert_raises(NodeStateError):
self.registration.set_privacy('private')
self.registration.reload()
assert_true(self.registration.is_public)
def test_initiate_retraction_saves_retraction(self):
initial_count = Retraction.objects.all().count()
self.registration._initiate_retraction(self.user)
assert_equal(Retraction.objects.all().count(), initial_count + 1)
def test__initiate_retraction_does_not_create_tokens_for_unregistered_admin(
self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(node=self.registration,
user=unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user,
'admin'))
retraction = self.registration._initiate_retraction(self.user)
assert_true(self.user._id in retraction.approval_state)
assert_false(unconfirmed_user._id in retraction.approval_state)
def test__initiate_retraction_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin,
auth=Auth(project.creator),
save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin,
auth=Auth(child.creator),
save=True)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child) # noqa
registration = RegistrationFactory(project=project)
retraction = registration._initiate_retraction(registration.creator)
assert_in(project_admin._id, retraction.approval_state)
assert_in(child_admin._id, retraction.approval_state)
assert_in(grandchild_admin._id, retraction.approval_state)
assert_not_in(project_non_admin._id, retraction.approval_state)
assert_not_in(child_non_admin._id, retraction.approval_state)
# Backref tests
def test_retraction_initiator_has_backref(self):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_equal(
Retraction.objects.filter(initiated_by=self.user).count(), 1)
# Node#retract_registration tests
def test_pending_retract(self):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
assert_equal(self.registration.retraction.justification,
self.valid_justification)
assert_equal(self.registration.retraction.initiated_by, self.user)
assert_equal(self.registration.retraction.initiation_date.date(),
timezone.now().date())
def test_retract_component_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
NodeFactory(is_public=True, creator=self.user, parent=project)
registration = RegistrationFactory(is_public=True, project=project)
with assert_raises(NodeStateError):
registration._nodes.first().retract_registration(
self.user, self.valid_justification)
def test_long_justification_raises_ValidationValueError(self):
with assert_raises(DataError):
self.registration.retract_registration(self.user,
self.invalid_justification)
self.registration.save()
assert_is_none(self.registration.retraction)
def test_retract_private_registration_raises_NodeStateError(self):
self.registration.is_public = False
with assert_raises(NodeStateError):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_is_none(self.registration.retraction)
def test_retraction_of_registration_pending_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_retraction_of_registration_in_active_embargo_cancels_embargo(
self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user,
embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
# Retraction#approve_retraction_tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionApprovalToken):
self.registration.retraction.approve_retraction(
self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.retraction.approve_retraction(
non_admin, approval_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_approval_with_one_admin_retracts(self):
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_retracted)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
# Logs: Created, registered, retraction initiated, retraction approved
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 2)
def test_retraction_of_registration_pending_embargo_cancels_embargo_public(
self):
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_approval_of_registration_with_embargo_adds_to_parent_projects_log(
self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
# Logs: Created, registered, embargo initiated, retraction initiated, retraction approved, embargo cancelled
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 4)
def test_retraction_of_public_registration_in_active_embargo_cancels_embargo(
self):
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user,
embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_two_approvals_with_two_admins_retracts(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
# First admin approves
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.retraction.approval_state[
self.admin2._id]['approval_token']
self.registration.retraction.approve_retraction(
self.admin2, approval_token)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 2)
assert_true(self.registration.is_retracted)
def test_one_approval_with_two_admins_stays_pending(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Retraction#disapprove_retraction tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(
self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.retraction.disapprove_retraction(
self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.retraction.disapprove_retraction(
non_admin, rejection_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_disapproval_cancels_retraction(self):
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.disapprove_retraction(
self.user, rejection_token)
assert_true(self.registration.retraction.is_rejected)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(
self.user, rejection_token)
# Logs: Created, registered, retraction initiated, retraction cancelled
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 2)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin,
parent=project,
is_public=False)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child,
is_public=False) # noqa
registration = RegistrationFactory(project=project)
registration._initiate_retraction(self.user)
registration.retraction._on_complete(self.user)
for each in registration.node_and_primary_descendants():
each.reload()
assert_true(each.is_public)
# Retraction property tests
def test_new_retraction_is_pending_retraction(self):
self.registration.retract_registration(self.user)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(creator=self.user, project=self.project)
def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
@mock.patch('flask.redirect')
def test_GET_approve_with_valid_token_redirects(self, mock_redirect):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.app.get(
self.registration.web_url_for('view_project', token=approval_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
assert_true(mock_redirect.called_with(self.registration.web_url_for('view_project')))
def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for('view_project', token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True
)
self.registration.embargo.reload()
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_rejection_token = self.registration.embargo.approval_state[admin2._id]['rejection_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=wrong_rejection_token),
auth=self.user.auth,
expect_errors=True
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_valid(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[self.user._id]['rejection_token']
res = self.app.get(
registration.registered_from.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 200)
assert_equal(project.web_url_for('view_project'), res.request.path)
def test_GET_disapprove_for_existing_registration_returns_200(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
assert_equal(res.status_code, 200)
assert_equal(res.request.path, self.registration.web_url_for('view_project'))
def test_GET_from_unauthorized_user_with_registration_token(self):
unauthorized_user = AuthUserFactory()
self.registration.require_approval(self.user)
self.registration.save()
app_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
# Test unauth user cannot approve
res = self.app.get(
# approval token goes through registration
self.registration.web_url_for('view_project', token=app_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test unauth user cannot reject
res = self.app.get(
# rejection token goes through registration parent
self.project.web_url_for('view_project', token=rej_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Delete Node and try again
self.project.is_deleted = True
self.project.save()
# Test unauth user cannot approve deleted node
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test unauth user cannot reject
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 401)
# Test auth user can approve registration with deleted parent
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_app_token(self):
self.registration.require_approval(self.user)
self.registration.save()
app_token = self.registration.registration_approval.approval_state[self.user._id]['approval_token']
res = self.app.get(
self.registration.web_url_for('view_project', token=app_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_rej_token(self):
self.registration.require_approval(self.user)
self.registration.save()
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
def test_GET_from_authorized_user_with_registration_rej_token_deleted_node(self):
self.registration.require_approval(self.user)
self.registration.save()
rej_token = self.registration.registration_approval.approval_state[self.user._id]['rejection_token']
self.project.is_deleted = True
self.project.save()
res = self.app.get(
self.project.web_url_for('view_project', token=rej_token),
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 410)
res = self.app.get(
self.registration.web_url_for('view_project'),
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 410)
class RegistrationEmbargoModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoModelsTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = timezone.now() + datetime.timedelta(days=3)
# Node#_initiate_embargo tests
def test__initiate_embargo_saves_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_equal(Embargo.find().count(), initial_count + 1)
def test_state_can_be_set_to_complete(self):
embargo = EmbargoFactory()
embargo.state = Embargo.COMPLETED
embargo.save() # should pass validation
assert_equal(embargo.state, Embargo.COMPLETED)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(user=unconfirmed_user, node=self.registration)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
embargo = self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_true(self.user._id in embargo.approval_state)
assert_false(unconfirmed_user._id in embargo.approval_state)
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
embargo = registration._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def test__initiate_embargo_with_save_does_save_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True,
)
assert_equal(Embargo.find().count(), initial_count + 1)
# Node#embargo_registration tests
def test_embargo_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
def test_embargo_end_date_in_past_raises_ValueError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
datetime.datetime(1999, 1, 1, tzinfo=pytz.utc)
)
def test_embargo_end_date_today_raises_ValueError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
timezone.now()
)
def test_embargo_end_date_in_far_future_raises_ValidationError(self):
with assert_raises(ValidationError):
self.registration.embargo_registration(
self.user,
datetime.datetime(2099, 1, 1, tzinfo=pytz.utc)
)
def test_embargo_with_valid_end_date_starts_pending_embargo(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
def test_embargo_public_project_makes_private_pending_embargo(self):
self.registration.is_public = True
assert_true(self.registration.is_public)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.is_public)
# Embargo#approve_embargo tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.embargo.approve_embargo(self.user, invalid_approval_token)
assert_true(self.registration.is_pending_embargo)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.embargo.approve_embargo(non_admin, approval_token)
assert_true(self.registration.is_pending_embargo)
def test_one_approval_with_one_admin_embargoes(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
# Logs: Created, registered, embargo initiated, embargo approved
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 2)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
Contributor.objects.create(user=admin2, node=self.registration)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
# First admin approves
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
self.registration.embargo.approve_embargo(admin2, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 2)
# Embargo#disapprove_embargo tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.embargo.disapprove_embargo(self.user, fake.sentence())
assert_true(self.registration.is_pending_embargo)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.embargo.disapprove_embargo(non_admin, rejection_token)
assert_true(self.registration.is_pending_embargo)
def test_one_disapproval_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(registered_from.logs.count(), initial_project_logs + 2)
def test_cancelling_embargo_deletes_parent_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
self.registration.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory( # subcomponent
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
project_registration.save()
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
project_registration.reload()
assert_true(project_registration.is_deleted)
component_registration.reload()
assert_true(component_registration.is_deleted)
subcomponent_registration.reload()
assert_true(subcomponent_registration.is_deleted)
def test_cancelling_embargo_for_existing_registration_does_not_delete_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory( # subcomponent
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
# Embargo property tests
def test_new_registration_is_pending_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo_for_existing_registration)
def test_existing_registration_is_not_pending_registration(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_false(self.registration.is_pending_embargo_for_existing_registration)
def test_on_complete_notify_initiator(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
notify_initiator_on_complete=True
)
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
self.registration.embargo._on_complete(self.user)
assert_equal(mock_notify.call_count, 1)
def test_on_complete_raises_error_if_registration_is_spam(self):
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
notify_initiator_on_complete=True
)
self.registration.spam_status = SpamStatus.FLAGGED
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
with assert_raises(NodeStateError):
self.registration.embargo._on_complete(self.user)
assert_equal(mock_notify.call_count, 0)
# Regression for OSF-8840
def test_public_embargo_cannot_be_deleted_with_initial_token(self):
embargo_termination_approval = EmbargoTerminationApprovalFactory()
registration = Registration.objects.get(embargo_termination_approval=embargo_termination_approval)
user = registration.contributors.first()
registration.terminate_embargo(Auth(user))
rejection_token = registration.embargo.approval_state[user._id]['rejection_token']
with assert_raises(HTTPError) as e:
registration.embargo.disapprove_embargo(user, rejection_token)
registration.refresh_from_db()
assert registration.is_deleted is False
class RegistrationRetractionModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionModelsTestCase, self).setUp()
self.mock_registration_update = mock.patch('website.project.tasks.on_registration_updated')
self.mock_registration_update.start()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user, is_public=True)
self.valid_justification = fake.sentence()
self.invalid_justification = fake.text(max_nb_chars=3000)
def tearDown(self):
self.mock_registration_update.stop()
super(RegistrationRetractionModelsTestCase, self).tearDown()
def test_set_public_registration_to_private_raises_NodeStateException(self):
self.registration.save()
with assert_raises(NodeStateError):
self.registration.set_privacy('private')
self.registration.reload()
assert_true(self.registration.is_public)
def test_initiate_retraction_saves_retraction(self):
initial_count = Retraction.find().count()
self.registration._initiate_retraction(self.user)
assert_equal(Retraction.find().count(), initial_count + 1)
def test__initiate_retraction_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(node=self.registration, user=unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
retraction = self.registration._initiate_retraction(self.user)
assert_true(self.user._id in retraction.approval_state)
assert_false(unconfirmed_user._id in retraction.approval_state)
def test__initiate_retraction_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
retraction = registration._initiate_retraction(registration.creator)
assert_in(project_admin._id, retraction.approval_state)
assert_in(child_admin._id, retraction.approval_state)
assert_in(grandchild_admin._id, retraction.approval_state)
assert_not_in(project_non_admin._id, retraction.approval_state)
assert_not_in(child_non_admin._id, retraction.approval_state)
# Backref tests
def test_retraction_initiator_has_backref(self):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_equal(Retraction.find(Q('initiated_by', 'eq', self.user)).count(), 1)
# Node#retract_registration tests
def test_pending_retract(self):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
assert_equal(self.registration.retraction.justification, self.valid_justification)
assert_equal(self.registration.retraction.initiated_by, self.user)
assert_equal(
self.registration.retraction.initiation_date.date(),
timezone.now().date()
)
def test_retract_component_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
NodeFactory(is_public=True, creator=self.user, parent=project)
registration = RegistrationFactory(is_public=True, project=project)
with assert_raises(NodeStateError):
registration._nodes.first().retract_registration(self.user, self.valid_justification)
def test_long_justification_raises_ValidationValueError(self):
with assert_raises(DataError):
self.registration.retract_registration(self.user, self.invalid_justification)
self.registration.save()
assert_is_none(self.registration.retraction)
def test_retract_private_registration_raises_NodeStateError(self):
self.registration.is_public = False
with assert_raises(NodeStateError):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_is_none(self.registration.retraction)
def test_retraction_of_registration_pending_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
(timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_retraction_of_registration_in_active_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
(timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
# Retraction#approve_retraction_tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionApprovalToken):
self.registration.retraction.approve_retraction(self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.retraction.approve_retraction(non_admin, approval_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_approval_with_one_admin_retracts(self):
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_retracted)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
# Logs: Created, registered, retraction initiated, retraction approved
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 2)
def test_retraction_of_registration_pending_embargo_cancels_embargo_public(self):
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_approval_of_registration_with_embargo_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
# Logs: Created, registered, embargo initiated, retraction initiated, retraction approved, embargo cancelled
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 4)
def test_retraction_of_public_registration_in_active_embargo_cancels_embargo(self):
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_two_approvals_with_two_admins_retracts(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
# First admin approves
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.retraction.approval_state[self.admin2._id]['approval_token']
self.registration.retraction.approve_retraction(self.admin2, approval_token)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 2)
assert_true(self.registration.is_retracted)
def test_one_approval_with_two_admins_stays_pending(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Retraction#disapprove_retraction tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.retraction.disapprove_retraction(self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.retraction.disapprove_retraction(non_admin, rejection_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_disapproval_cancels_retraction(self):
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.disapprove_retraction(self.user, rejection_token)
assert_true(self.registration.retraction.is_rejected)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(self.user, rejection_token)
# Logs: Created, registered, retraction initiated, retraction cancelled
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 2)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin, parent=project, is_public=False)
grandchild = NodeFactory(creator=grandchild_admin, parent=child, is_public=False) # noqa
registration = RegistrationFactory(project=project)
registration._initiate_retraction(self.user)
registration.retraction._on_complete(self.user)
for each in registration.node_and_primary_descendants():
each.reload()
assert_true(each.is_public)
# Retraction property tests
def test_new_retraction_is_pending_retraction(self):
self.registration.retract_registration(self.user)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
