def test_get_children_only_returns_child_nodes_with_admin_permissions(self):
user = UserFactory()
admin_project = ProjectFactory()
admin_project.add_contributor(
user, auth=Auth(admin_project.creator), permissions=permissions.expand_permissions(permissions.ADMIN)
)
admin_project.save()
admin_component = NodeFactory(parent=admin_project)
admin_component.add_contributor(
user, auth=Auth(admin_component.creator), permissions=permissions.expand_permissions(permissions.ADMIN)
)
admin_component.save()
read_and_write = NodeFactory(parent=admin_project)
read_and_write.add_contributor(
user, auth=Auth(read_and_write.creator), permissions=permissions.expand_permissions(permissions.WRITE)
)
read_and_write.save()
read_only = NodeFactory(parent=admin_project)
read_only.add_contributor(
user, auth=Auth(read_only.creator), permissions=permissions.expand_permissions(permissions.READ)
)
read_only.save()
non_contributor = NodeFactory(parent=admin_project)
components = _get_children(admin_project, Auth(user))
assert_equal(len(components), 1)
def test_get_children_only_returns_child_nodes_with_admin_permissions(
self):
user = UserFactory()
admin_project = ProjectFactory()
admin_project.add_contributor(
user,
auth=Auth(admin_project.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_project.save()
admin_component = NodeFactory(parent=admin_project)
admin_component.add_contributor(
user,
auth=Auth(admin_component.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_component.save()
read_and_write = NodeFactory(parent=admin_project)
read_and_write.add_contributor(
user,
auth=Auth(read_and_write.creator),
permissions=permissions.expand_permissions(permissions.WRITE))
read_and_write.save()
read_only = NodeFactory(parent=admin_project)
read_only.add_contributor(user,
auth=Auth(read_only.creator),
permissions=permissions.expand_permissions(
permissions.READ))
read_only.save()
non_contributor = NodeFactory(parent=admin_project)
components = _get_children(admin_project, Auth(user))
assert_equal(len(components), 1)
def test_expand_permissions():
result = permissions.expand_permissions('admin')
assert_equal(result, ['read', 'write', 'admin'])
result2 = permissions.expand_permissions('write')
assert_equal(result2, ['read', 'write'])
result3 = permissions.expand_permissions(None)
assert_equal(result3, [])
def test_expand_permissions():
result = permissions.expand_permissions('admin')
assert_equal(result, ['read', 'write', 'admin'])
result2 = permissions.expand_permissions('write')
assert_equal(result2, ['read', 'write'])
result3 = permissions.expand_permissions(None)
assert_equal(result3, [])
def test_render_node_returns_permissions(self):
node = ProjectFactory()
admin = UserFactory()
node.add_contributor(admin, auth=Auth(node.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
writer = UserFactory()
node.add_contributor(writer, auth=Auth(node.creator),
permissions=permissions.expand_permissions(permissions.WRITE))
node.save()
res_admin = _render_node(node, Auth(admin))
assert_equal(res_admin['permissions'], 'admin')
res_writer = _render_node(node, Auth(writer))
assert_equal(res_writer['permissions'], 'write')
def test_render_node_returns_permissions(self):
node = ProjectFactory()
admin = UserFactory()
node.add_contributor(admin, auth=Auth(node.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
writer = UserFactory()
node.add_contributor(writer, auth=Auth(node.creator),
permissions=permissions.expand_permissions(permissions.WRITE))
node.save()
res_admin = _render_node(node, Auth(admin))
assert_equal(res_admin['permissions'], 'admin')
res_writer = _render_node(node, Auth(writer))
assert_equal(res_writer['permissions'], 'write')
def create(self, validated_data):
auth = Auth(self.context['request'].user)
node = self.context['view'].get_node()
contributor = get_object_or_error(User,
validated_data['_id'],
display_name='user')
# Node object checks for contributor existence but can still change permissions anyway
if contributor in node.contributors:
raise exceptions.ValidationError(
'{} is already a contributor'.format(contributor.fullname))
bibliographic = validated_data['bibliographic']
permissions = osf_permissions.expand_permissions(
validated_data.get('permission')
) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS
node.add_contributor(contributor=contributor,
auth=auth,
visible=bibliographic,
permissions=permissions,
save=True)
contributor.permission = osf_permissions.reduce_permissions(
node.get_permissions(contributor))
contributor.bibliographic = node.get_visible(contributor)
contributor.node_id = node._id
return contributor
def create(self, validated_data):
id = validated_data.get('_id')
email = validated_data.get('email')
index = validated_data.get('index')
node = self.context['view'].get_node()
auth = Auth(self.context['request'].user)
full_name = validated_data.get('full_name')
bibliographic = validated_data.get('bibliographic')
send_email = self.context['request'].GET.get('send_email') or 'default'
permissions = osf_permissions.expand_permissions(validated_data.get('permission')) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS
self.validate_data(node, user_id=id, full_name=full_name, email=email, index=index)
if send_email not in self.email_preferences:
raise exceptions.ValidationError(detail='{} is not a valid email preference.'.format(send_email))
try:
contributor = node.add_contributor_registered_or_not(
auth=auth, user_id=id, email=email, full_name=full_name, send_email=send_email,
permissions=permissions, bibliographic=bibliographic, index=index, save=True
)
except ValidationValueError as e:
raise exceptions.ValidationError(detail=e.message)
except ValueError as e:
raise exceptions.NotFound(detail=e.message)
return contributor
def create(self, validated_data):
id = validated_data.get('_id')
email = validated_data.get('email')
index = validated_data.get('index')
node = self.context['view'].get_node()
auth = Auth(self.context['request'].user)
full_name = validated_data.get('full_name')
bibliographic = validated_data.get('bibliographic')
send_email = self.context['request'].GET.get('send_email') or 'default'
permissions = osf_permissions.expand_permissions(validated_data.get('permission')) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS
self.validate_data(node, user_id=id, full_name=full_name, email=email, index=index)
if send_email not in self.email_preferences:
raise exceptions.ValidationError(detail='{} is not a valid email preference.'.format(send_email))
try:
contributor = node.add_contributor_registered_or_not(
auth=auth, user_id=id, email=email, full_name=full_name, send_email=send_email,
permissions=permissions, bibliographic=bibliographic, index=index, save=True
)
except ValidationValueError as e:
raise exceptions.ValidationError(detail=e.message)
except ValueError as e:
raise exceptions.NotFound(detail=e.message)
return contributor
def deserialize_contributors(node, user_dicts, auth):
"""View helper that returns a list of User objects from a list of
serialized users (dicts). The users in the list may be registered or
unregistered users.
e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..},
{'id': None, 'registered': False, 'fullname'...},
{'id': '123ab', 'registered': False, 'fullname': ...}]
If a dict represents an unregistered user without an ID, creates a new
unregistered User record.
:param Node node: The node to add contributors to
:param list(dict) user_dicts: List of serialized users in the format above.
:param Auth auth:
"""
# Add the registered contributors
contribs = []
for contrib_dict in user_dicts:
fullname = contrib_dict['fullname']
visible = contrib_dict['visible']
email = contrib_dict.get('email')
if contrib_dict['id']:
contributor = User.load(contrib_dict['id'])
else:
try:
contributor = User.create_unregistered(fullname=fullname,
email=email)
contributor.save()
except ValidationValueError:
contributor = get_user(username=email)
# Add unclaimed record if necessary
if (not contributor.is_registered
and node._primary_key not in contributor.unclaimed_records):
contributor.add_unclaimed_record(node=node,
referrer=auth.user,
given_name=fullname,
email=email)
contributor.save()
unreg_contributor_added.send(node,
contributor=contributor,
auth=auth)
contribs.append({
'user':
contributor,
'visible':
visible,
'permissions':
expand_permissions(contrib_dict.get('permission'))
})
return contribs
def deserialize_contributors(node, user_dicts, auth, validate=False):
"""View helper that returns a list of User objects from a list of
serialized users (dicts). The users in the list may be registered or
unregistered users.
e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..},
{'id': None, 'registered': False, 'fullname'...},
{'id': '123ab', 'registered': False, 'fullname': ...}]
If a dict represents an unregistered user without an ID, creates a new
unregistered User record.
:param Node node: The node to add contributors to
:param list(dict) user_dicts: List of serialized users in the format above.
:param Auth auth:
:param bool validate: Whether to validate and sanitize fields (if necessary)
"""
# Add the registered contributors
contribs = []
for contrib_dict in user_dicts:
fullname = contrib_dict["fullname"]
visible = contrib_dict["visible"]
email = contrib_dict.get("email")
if validate is True:
# Validate and sanitize inputs as needed. Email will raise error if invalid.
# TODO Edge case bug: validation and saving are performed in same loop, so all in list
# up to the invalid entry will be saved. (communicate to the user what needs to be retried)
fullname = sanitize.strip_html(fullname)
if not fullname:
raise ValidationValueError("Full name field cannot be empty")
if email:
validate_email(email) # Will raise a ValidationError if email invalid
if contrib_dict["id"]:
contributor = User.load(contrib_dict["id"])
else:
try:
contributor = User.create_unregistered(fullname=fullname, email=email)
contributor.save()
except ValidationValueError:
## FIXME: This suppresses an exception if ID not found & new validation fails; get_user will return None
contributor = get_user(email=email)
# Add unclaimed record if necessary
if not contributor.is_registered and node._primary_key not in contributor.unclaimed_records:
contributor.add_unclaimed_record(node=node, referrer=auth.user, given_name=fullname, email=email)
contributor.save()
contribs.append(
{"user": contributor, "visible": visible, "permissions": expand_permissions(contrib_dict.get("permission"))}
)
return contribs
def deserialize_contributors(node, user_dicts, auth):
"""View helper that returns a list of User objects from a list of
serialized users (dicts). The users in the list may be registered or
unregistered users.
e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..},
{'id': None, 'registered': False, 'fullname'...},
{'id': '123ab', 'registered': False, 'fullname': ...}]
If a dict represents an unregistered user without an ID, creates a new
unregistered User record.
:param Node node: The node to add contributors to
:param list(dict) user_dicts: List of serialized users in the format above.
:param Auth auth:
"""
# Add the registered contributors
contribs = []
for contrib_dict in user_dicts:
fullname = contrib_dict['fullname']
visible = contrib_dict['visible']
email = contrib_dict.get('email')
if contrib_dict['id']:
contributor = User.load(contrib_dict['id'])
else:
try:
contributor = User.create_unregistered(
fullname=fullname,
email=email)
contributor.save()
except ValidationValueError:
contributor = get_user(email=email)
# Add unclaimed record if necessary
if (not contributor.is_registered
and node._primary_key not in contributor.unclaimed_records):
contributor.add_unclaimed_record(node=node, referrer=auth.user,
given_name=fullname,
email=email)
contributor.save()
unreg_contributor_added.send(node, contributor=contributor,
auth=auth)
contribs.append({
'user': contributor,
'visible': visible,
'permissions': expand_permissions(contrib_dict.get('permission'))
})
return contribs
def create(self, validated_data):
auth = Auth(self.context['request'].user)
node = self.context['view'].get_node()
contributor = get_object_or_error(User, validated_data['_id'], display_name='user')
# Node object checks for contributor existence but can still change permissions anyway
if contributor in node.contributors:
raise exceptions.ValidationError('{} is already a contributor'.format(contributor.fullname))
bibliographic = validated_data['bibliographic']
permissions = osf_permissions.expand_permissions(validated_data.get('permission')) or osf_permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS
node.add_contributor(contributor=contributor, auth=auth, visible=bibliographic, permissions=permissions, save=True)
contributor.permission = osf_permissions.reduce_permissions(node.get_permissions(contributor))
contributor.bibliographic = node.get_visible(contributor)
contributor.node_id = node._id
return contributor
def deserialize_contributors(node, user_dicts, auth, validate=False):
"""View helper that returns a list of User objects from a list of
serialized users (dicts). The users in the list may be registered or
unregistered users.
e.g. ``[{'id': 'abc123', 'registered': True, 'fullname': ..},
{'id': None, 'registered': False, 'fullname'...},
{'id': '123ab', 'registered': False, 'fullname': ...}]
If a dict represents an unregistered user without an ID, creates a new
unregistered User record.
:param Node node: The node to add contributors to
:param list(dict) user_dicts: List of serialized users in the format above.
:param Auth auth:
:param bool validate: Whether to validate and sanitize fields (if necessary)
"""
# Add the registered contributors
contribs = []
for contrib_dict in user_dicts:
fullname = contrib_dict['fullname']
visible = contrib_dict['visible']
email = contrib_dict.get('email')
if validate is True:
# Validate and sanitize inputs as needed. Email will raise error if invalid.
# TODO Edge case bug: validation and saving are performed in same loop, so all in list
# up to the invalid entry will be saved. (communicate to the user what needs to be retried)
fullname = sanitize.strip_html(fullname)
if not fullname:
raise ValidationValueError('Full name field cannot be empty')
if email is not None:
validate_email(
email) # Will raise a ValidationError if email invalid
if contrib_dict['id']:
contributor = User.load(contrib_dict['id'])
else:
try:
contributor = User.create_unregistered(fullname=fullname,
email=email)
contributor.save()
except ValidationValueError:
## FIXME: This suppresses an exception if ID not found & new validation fails; get_user will return None
contributor = get_user(email=email)
# Add unclaimed record if necessary
if (not contributor.is_registered
and node._primary_key not in contributor.unclaimed_records):
contributor.add_unclaimed_record(node=node,
referrer=auth.user,
given_name=fullname,
email=email)
contributor.save()
unreg_contributor_added.send(node,
contributor=contributor,
auth=auth)
contribs.append({
'user':
contributor,
'visible':
visible,
'permissions':
expand_permissions(contrib_dict.get('permission'))
})
return contribs