def testCantEditLockedExperiment(self): login = self.client3.login(username=self.user3.username, password='******') self.assertTrue(login) # user3 has acl to write to experiment3 acl = ObjectACL( pluginId=django_user, entityId=str(self.user3.id), content_object=self.experiment3, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() response = self.client3.get('/experiment/edit/%i/' % (self.experiment3.id)) self.assertEqual(response.status_code, 403) response = self.client3.post( '/experiment/edit/%i/' % (self.experiment3.id), { 'anything': True, }) self.assertEqual(response.status_code, 403) acl.delete() self.client3.logout()
def testCantEditLockedExperiment(self): login = self.client3.login(username=self.user3.username, password='******') self.assertTrue(login) # user3 has acl to write to experiment3 acl = ObjectACL( pluginId=django_user, entityId=str(self.user3.id), content_object=self.experiment3, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() response = self.client3.get('/experiment/edit/%i/' % (self.experiment3.id)) self.assertEqual(response.status_code, 403) response = self.client3.post('/experiment/edit/%i/' % (self.experiment3.id), {'anything': True, }) self.assertEqual(response.status_code, 403) acl.delete() self.client3.logout()
class ViewTemplateContextsTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ Location.force_initialize() self.location = Location.get_location('local') user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.replica = Replica(datafile=self.dataset_file, url="http://foo", location=self.location, verified=False) self.replica.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.dataset_file.delete() self.acl.delete() def testExperimentView(self): """ test some template context parameters for an experiment view """ from tardis.tardis_portal.views import view_experiment from tardis.tardis_portal.shortcuts import render_response_index from django.http import HttpRequest from django.template import Context import sys # Default behavior views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.user=self.user request.groups=[] context = {'organization': ['classic', 'test', 'test2'], 'default_organization': 'classic', 'default_format': 'zip', 'protocol': [['zip', '/download/experiment/1/zip/'], ['tar', '/download/experiment/1/tar/']]} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) response = view_experiment(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.user=self.user request.groups=[] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent); context = {'organization': ['classic', 'test', 'test2'], 'default_organization': 'classic', 'default_format': 'tar', 'protocol': [['tar', '/download/experiment/1/tar/']]} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) response = view_experiment(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) finally: if saved_setting != None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING") def testDatasetView(self): """ test some context parameters for a dataset view """ from tardis.tardis_portal.views import view_dataset from tardis.tardis_portal.shortcuts import render_response_index from django.http import HttpRequest from django.template import Context import sys views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.user=self.user request.groups=[] context = {'default_organization': 'classic', 'default_format': 'zip'} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) response = view_dataset(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.user=self.user request.groups=[] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent); context = {'default_organization': 'classic', 'default_format': 'tar'} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) response = view_dataset(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) finally: if saved_setting != None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING")
class ContextualViewTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.testschema = Schema(namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True) self.testschema.save() self.dfps = DatafileParameterSet(dataset_file=self.dataset_file, schema=self.testschema) self.dfps.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.dataset_file.delete() self.testschema.delete() self.dfps.delete() self.acl.delete() def testDetailsDisplay(self): """ test display of view for an existing schema and no display for an undefined one. """ from tardis.tardis_portal.views import display_datafile_details request = flexmock(user=self.user, groups=[("testgroup",flexmock())]) with self.settings(DATAFILE_VIEWS=[("http://test.com/test/schema", "/test/url"), ("http://does.not.exist", "/false/url")]): response = display_datafile_details(request, dataset_file_id=self.dataset_file.id) self.assertEqual(response.status_code, 200) self.assertTrue("/ajax/parameters/" in response.content) self.assertTrue("/test/url" in response.content) self.assertFalse("/false/url" in response.content)
class ViewTemplateContextsTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.datafile.delete() self.acl.delete() def testExperimentView(self): """ test some template context parameters for an experiment view """ from tardis.tardis_portal.views import ExperimentView from django.http import HttpRequest import sys # Default behavior views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] context = { 'organization': ['test', 'test2'], 'default_organization': 'test', 'default_format': 'tar', 'protocol': [['tgz', '/download/experiment/1/tgz/'], ['tar', '/download/experiment/1/tar/']] } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent) context = { 'organization': ['classic', 'test', 'test2'], 'default_organization': 'classic', 'default_format': 'tar', 'protocol': [['tar', '/download/experiment/1/tar/']] } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING") def testDatasetView(self): """ test some context parameters for a dataset view """ from tardis.tardis_portal.views import DatasetView from django.http import HttpRequest import sys views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] context = {'default_organization': 'test', 'default_format': 'tar'} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent) context = { 'default_organization': 'classic', 'default_format': 'tar' } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING")
class ContextualViewTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() self.testschema = Schema(namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True) self.testschema.save() self.dfps = DatafileParameterSet(datafile=self.datafile, schema=self.testschema) self.dfps.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.datafile.delete() self.testschema.delete() self.dfps.delete() self.acl.delete() def testDetailsDisplay(self): """ test display of view for an existing schema and no display for an undefined one. """ from tardis.tardis_portal.views import display_datafile_details request = flexmock(user=self.user, groups=[("testgroup", flexmock())]) with self.settings(DATAFILE_VIEWS=[( "http://test.com/test/schema", "/test/url"), ("http://does.not.exist", "/false/url")]): response = display_datafile_details(request, datafile_id=self.datafile.id) self.assertEqual(response.status_code, 200) self.assertTrue("/ajax/parameters/" in response.content) self.assertTrue("/test/url" in response.content) self.assertFalse("/false/url" in response.content)
def trash_experiment(request, experiment_id=None): if request.method != 'PUT': raise HttpResponseNotAllowed() try: expt = Experiment.safe.get(request.user, experiment_id) except PermissionDenied as ex: return jsend_fail_response('Permission denied', 401, {'id': experiment_id}) if expt: ct = expt.get_ct() user_acls = ObjectACL.objects.filter(content_type=ct, object_id=expt.id, pluginId='django_user') group_acls = ObjectACL.objects.filter(content_type=ct, object_id=expt.id, pluginId='django_group') else: return jsend_fail_response('Experiment %s not found' % experiment_id, 404, {'id': experiment_id}) trash_username = getattr(settings, 'TRASH_USERNAME', '__trashman__') trash_group_name = getattr(settings, 'TRASH_GROUP_NAME', '__trashcan__') try: trashman = User.objects.filter(username=trash_username)[0] except IndexError as ex: logger.error('Cannot find ID for trash user: %s (Does it exist ? Are ' 'ingestor user permissions correct ?)' % trash_username) raise ex try: trashcan = Group.objects.filter(name=trash_group_name)[0] except IndexError as ex: logger.error('Cannot find ID for trash group: %s (Does it exist ? Are ' 'ingestor user permissions correct ?)' % trash_group_name) raise ex acls_to_remove = [] has_trashman = False for acl in user_acls: if acl.entityId == trashman.id: has_trashman = True continue acls_to_remove.append(acl) has_trashcan = False for acl in group_acls: if acl.entityId == trashcan.id: has_trashcan = True continue acls_to_remove.append(acl) # Add ObjectACLs to experiment for trashman/trashcan if not has_trashman: acl = ObjectACL(content_type=ct, object_id=expt.id, pluginId='django_user', entityId=trashman.id, aclOwnershipType=ObjectACL.OWNER_OWNED, isOwner=True, canRead=True, canWrite=True, canDelete=False) acl.save() if not has_trashcan: acl = ObjectACL(content_type=ct, object_id=expt.id, pluginId='django_group', entityId=trashcan.id, aclOwnershipType=ObjectACL.OWNER_OWNED, isOwner=True, canRead=True, canWrite=True, canDelete=False) acl.save() # remove all the non-trashman/trashcan ACLs [acl.delete() for acl in acls_to_remove] # ensure experiment is not publicly accessible expt.public_access = Experiment.PUBLIC_ACCESS_NONE expt.save() return jsend_success_response( 'Experiment %s moved to trash' % experiment_id, {'id': experiment_id})
class ViewTemplateContextsTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = "******" pwd = "secret" email = "" self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title="test exp1", institution_name="monash", created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description="dataset description...") self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.datafile.delete() self.acl.delete() def testExperimentView(self): """ test some template context parameters for an experiment view """ from tardis.tardis_portal.views import ExperimentView from django.http import HttpRequest import sys # Default behavior views_module = flexmock(sys.modules["tardis.tardis_portal.views"]) request = HttpRequest() request.method = "GET" request.user = self.user request.groups = [] context = { "organization": ["test", "test2"], "default_organization": "test", "default_format": "tar", "protocol": [["tgz", "/download/experiment/1/tgz/"], ["tar", "/download/experiment/1/tar/"]], } views_module.should_call("render_response_index").with_args( _AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context) ) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = "GET" request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, "user_agent", mock_agent) context = { "organization": ["classic", "test", "test2"], "default_organization": "classic", "default_format": "tar", "protocol": [["tar", "/download/experiment/1/tar/"]], } views_module.should_call("render_response_index").with_args( _AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context) ) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING") def testDatasetView(self): """ test some context parameters for a dataset view """ from tardis.tardis_portal.views import DatasetView from django.http import HttpRequest import sys views_module = flexmock(sys.modules["tardis.tardis_portal.views"]) request = HttpRequest() request.method = "GET" request.user = self.user request.groups = [] context = {"default_organization": "test", "default_format": "tar"} views_module.should_call("render_response_index").with_args( _AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context) ) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = "GET" request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, "user_agent", mock_agent) context = {"default_organization": "classic", "default_format": "tar"} views_module.should_call("render_response_index").with_args( _AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context) ) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING")