コード例 #1
def test_users_get(app, test_users, login_user):
    """Check what the current-user endpoint discloses at each auth level.

    Three cases are exercised against ``b2share_users.current_user``: an
    anonymous client, a logged-in user without roles, and a logged-in user
    holding one role. Every response body is compared with ``==`` against
    the complete expected dict, so an extra field in the response (not
    only a missing one) fails the test.
    """
    json_headers = [('Content-Type', 'application/json'),
                    ('Accept', 'application/json')]

    def fetch_current_user(http_client):
        """GET the current-user endpoint and return its decoded JSON body."""
        response = http_client.get(url_for('b2share_users.current_user'),
                                   headers=json_headers)
        assert response.status_code == 200
        return json.loads(response.get_data(as_text=True))

    with app.app_context(), app.test_client() as client:
        # Anonymous client: the endpoint still answers 200, with an empty
        # object instead of any account data.
        anonymous_info = fetch_current_user(client)
        assert anonymous_info == {}

        # Logged-in user without roles; 'name' is expected to carry the
        # email address.
        plain_user = test_users['normal']
        login_user(plain_user, client)
        plain_info = fetch_current_user(client)
        assert plain_info == {
            'email': plain_user.email,
            'id': plain_user.id,
            'name': plain_user.email,
            'roles': [],
        }

    # A second app context and a second test client are opened for the
    # role case, as in the first part of the test.
    with app.app_context(), app.test_client() as client:
        some_role = create_role('some_role')
        user_with_role = create_user('user_with_role', roles=[some_role])
        login_user(user_with_role, client)
        role_info = fetch_current_user(client)
        # Each role is expected to be serialized as id/description/name.
        role_summary = {
            'id': some_role.id,
            'description': some_role.description,
            'name': some_role.name,
        }
        assert role_info == {
            'email': user_with_role.email,
            'id': user_with_role.id,
            'name': user_with_role.email,
            'roles': [role_summary],
        }
コード例 #2
def test_users_get(app, test_users, login_user):
    """Exercise the current-user endpoint as anonymous and logged-in users.

    The response must be ``{}`` for an anonymous client and exactly
    ``email``/``id``/``name``/``roles`` for an authenticated one. The
    comparisons are exact, so any additional key in the payload makes the
    test fail.
    """
    headers = [('Content-Type', 'application/json'),
               ('Accept', 'application/json')]

    def current_user_payload():
        """Query the endpoint with whichever ``client`` is bound right now."""
        # ``client`` is looked up when this helper runs, so it follows the
        # rebinding done by each ``with app.test_client()`` block below.
        endpoint = url_for('b2share_users.current_user')
        res = client.get(endpoint, headers=headers)
        assert res.status_code == 200
        body_text = res.get_data(as_text=True)
        return json.loads(body_text)

    with app.app_context():
        with app.test_client() as client:
            # No login yet: an empty object is expected, not an error.
            payload = current_user_payload()
            assert payload == {}

            # Same client after logging in a user that has no roles.
            normal_user = test_users['normal']
            login_user(normal_user, client)
            payload = current_user_payload()
            wanted = dict(
                email=normal_user.email,
                id=normal_user.id,
                name=normal_user.email,
                roles=[],
            )
            assert payload == wanted

    with app.app_context():
        with app.test_client() as client:
            # New client, new user: this one is created with a single role.
            some_role = create_role('some_role')
            user_with_role = create_user('user_with_role', roles=[some_role])
            login_user(user_with_role, client)
            payload = current_user_payload()
            wanted = dict(
                email=user_with_role.email,
                id=user_with_role.id,
                name=user_with_role.email,
                roles=[
                    {
                        'id': role.id,
                        'description': role.description,
                        'name': role.name,
                    }
                    for role in (some_role,)
                ],
            )
            assert payload == wanted
コード例 #3
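    def delete_role(user, expected_status_code=200):
        """Create a throw-away role and try to delete it as ``user``.

        A new role is created and committed on every call, and its id is
        used to build the URL of the DELETE request. The helper takes no
        role id from the caller.

        Args:
            - user: user whose identity will be used when deleting the
                role; ``None`` sends the request without logging in.
            - expected_status_code: expected status code of the request.
        """
        with app.app_context():
            # counter[0] is part of the role name and is incremented on
            # every call, presumably to keep role names unique.
            role = create_role('some_custom_role{}'.format(counter[0]))
            db.session.commit()
            counter[0] += 1
            role_id = role.id
            url = url_for(
                'invenio_accounts_rest.role',
                role_id=role_id,
            )

        with app.test_client() as client:
            if user is not None:
                login_user(user, client)
            res = client.delete(url, headers=headers)
            # NOTE(review): only the status code is asserted. A denied
            # request is not checked to have left the role in place, and a
            # successful one is not checked to have removed it.
            assert res.status_code == expected_status_code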
コード例 #4
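    def delete_role(user, expected_status_code=200):
        """Send a DELETE for a freshly created role and check the status.

        The role to delete is created (and committed) inside this helper;
        the caller only chooses the identity and the expected outcome.

        Args:
            - user: user whose identity will be used for the DELETE
                request, or ``None`` to send it unauthenticated.
            - expected_status_code: expected status code of the request.
        """
        with app.app_context():
            role_name = 'some_custom_role{}'.format(counter[0])
            target_role = create_role(role_name)
            db.session.commit()
            # Bump the shared counter only after the role was committed, so
            # the next call builds a different role name.
            counter[0] += 1
            delete_url = url_for('invenio_accounts_rest.role',
                                 role_id=target_role.id)

        # The request is sent after the app context above has been left;
        # only the URL string is carried over.
        with app.test_client() as client:
            if user is not None:
                login_user(user, client)
            response = client.delete(delete_url, headers=headers)
            # NOTE(review): the status code is the only thing verified; the
            # role's presence or absence afterwards is not inspected here.
            assert response.status_code == expected_status_code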
コード例 #5
def test_deposit_search_permissions(app, draft_deposits, submitted_deposits,
                                    test_users, login_user, test_communities):
    """Check which deposits each kind of user sees in the deposit search.

    The search URL is queried as the deposits' creator, an admin, an
    anonymous client, an unrelated user, users granted the "read submitted
    deposits of MyTestCommunity2" permission (directly and through a
    role), a community member and a community admin. Only the anonymous
    client is rejected (401); every other user gets 200, and the test
    checks which deposit ids the hit list contains.
    """
    with app.app_context():
        # Flush the indices so that indexed deposits are searchable.
        current_search_client.indices.flush('*')

        admin = test_users['admin']
        creator = test_users['deposits_creator']
        non_creator = create_user('non-creator')

        community2_id = test_communities['MyTestCommunity2']
        community2_name = str(community2_id)

        read_submitted_need = read_deposit_need_factory(
            community=community2_name,
            publication_state='submitted',
        )
        # The same permission is granted twice: once through a role and
        # once directly on the user.
        allowed_role = create_role('allowed_role',
                                   permissions=[read_submitted_need])
        user_allowed_by_role = create_user('user-allowed-by-role',
                                           roles=[allowed_role])
        user_allowed_by_permission = create_user(
            'user-allowed-by-permission',
            permissions=[read_submitted_need])

        community = Community.get(community2_id)
        com_member = create_user('com_member', roles=[community.member_role])
        com_admin = create_user('com_admin', roles=[community.admin_role])

        # NOTE(review): size=100 caps the returned hits; the id comparison
        # below presumably relies on the fixtures staying under that.
        search_deposits_url = url_for('b2share_records_rest.b2rec_list',
                                      drafts=1,
                                      size=100)
        headers = [('Content-Type', 'application/json'),
                   ('Accept', 'application/json')]

        def check_search(status, expected_deposits, user=None):
            """Search as ``user`` and compare status code and hit ids."""
            with app.test_client() as client:
                if user is not None:
                    login_user(user, client)
                response = client.get(search_deposits_url, headers=headers)
                assert response.status_code == status
                # The body is inspected only when the search was allowed.
                if status != 200:
                    return
                hits = json.loads(response.get_data(as_text=True))['hits']

                assert hits['total'] == len(expected_deposits)

                found_pids = sorted([hit['id'] for hit in hits['hits']])
                wanted_pids = sorted(
                    [dep.deposit_id.hex for dep in expected_deposits])
                assert found_pids == wanted_pids

        check_search(200, draft_deposits + submitted_deposits, creator)
        check_search(200, draft_deposits + submitted_deposits, admin)
        # Anonymous search is refused outright ...
        check_search(401, [], None)
        # ... while an authenticated user without access gets 200 and an
        # empty result set.
        check_search(200, [], non_creator)

        # Search for submitted records of MyTestCommunity2.
        community2_deposits = [
            dep for dep in submitted_deposits
            if dep.data['community'] == community2_name
        ]
        check_search(200, community2_deposits, user_allowed_by_role)
        check_search(200, community2_deposits, user_allowed_by_permission)

        # A plain community member is expected to see nothing; the
        # community admin should have access to all submitted records in
        # their community.
        check_search(200, [], com_member)
        check_search(200, community2_deposits, com_admin)
コード例 #6
def test_deposit_search_permissions(app, draft_deposits, submitted_deposits,
                                    test_users, login_user, test_communities):
    """Test deposit search permissions.

    Each case logs a user in (or stays anonymous), runs the deposit search
    and compares the returned deposit ids with the deposits that user is
    expected to be able to read. Anonymous access must yield 401. Users
    without any grant get 200 with no hits.
    """
    with app.app_context():
        # Without this flush, indexed deposits would not be searchable yet.
        current_search_client.indices.flush('*')

        admin = test_users['admin']
        creator = test_users['deposits_creator']
        non_creator = create_user('non-creator')

        # Permission limited to one community and one publication state.
        submitted_read_permission = read_deposit_need_factory(
            community=str(test_communities['MyTestCommunity2']),
            publication_state='submitted',
        )
        granted = [submitted_read_permission]
        allowed_role = create_role('allowed_role', permissions=list(granted))
        user_allowed_by_role = create_user(
            'user-allowed-by-role', roles=[allowed_role])
        user_allowed_by_permission = create_user(
            'user-allowed-by-permission', permissions=list(granted))

        community = Community.get(test_communities['MyTestCommunity2'])
        com_member = create_user('com_member', roles=[community.member_role])
        com_admin = create_user('com_admin', roles=[community.admin_role])

        search_deposits_url = url_for(
            'b2share_records_rest.b2rec_list', drafts=1, size=100)
        headers = [
            ('Content-Type', 'application/json'),
            ('Accept', 'application/json'),
        ]

        def test_search(status, expected_deposits, user=None):
            """Run the search as ``user`` and verify status and hit ids."""
            with app.test_client() as client:
                if user is not None:
                    login_user(user, client)
                search_res = client.get(search_deposits_url, headers=headers)
                assert search_res.status_code == status
                if status == 200:
                    # The payload is checked only for permitted searches.
                    search_data = json.loads(
                        search_res.get_data(as_text=True))

                    total_hits = search_data['hits']['total']
                    assert total_hits == len(expected_deposits)

                    # Order is irrelevant, so both id lists are sorted
                    # before the comparison.
                    returned_ids = sorted(
                        hit['id'] for hit in search_data['hits']['hits'])
                    expected_ids = sorted(
                        dep.deposit_id.hex for dep in expected_deposits)
                    assert returned_ids == expected_ids

        all_deposits = draft_deposits + submitted_deposits
        baseline_cases = (
            (200, all_deposits, creator),   # owner sees drafts + submitted
            (200, all_deposits, admin),     # so does the admin
            (401, [], None),                # anonymous is rejected
            (200, [], non_creator),         # unrelated user: no hits
        )
        for status, visible, actor in baseline_cases:
            test_search(status, visible, actor)

        # search for submitted records
        community2_deposits = []
        for dep in submitted_deposits:
            if dep.data['community'] == \
                    str(test_communities['MyTestCommunity2']):
                community2_deposits.append(dep)
        test_search(200, community2_deposits, user_allowed_by_role)
        test_search(200, community2_deposits, user_allowed_by_permission)

        # Membership alone is expected to give no read access; the
        # community admin should have access to all submitted records in
        # their community.
        test_search(200, [], com_member)
        test_search(200, community2_deposits, com_admin)