def test_users_get(app, test_users, login_user):
    """Check what the current-user endpoint returns for each kind of caller.

    Three callers are exercised: an anonymous client, a logged-in user
    without roles, and a logged-in user holding one role. Every response is
    compared with ``==`` against the complete expected dict, so a missing
    field and an unexpected extra field both fail the test.
    """
    json_headers = [('Content-Type', 'application/json'),
                    ('Accept', 'application/json')]

    def fetch_current_user(http_client):
        """GET the current-user endpoint and return the decoded JSON body."""
        response = http_client.get(url_for('b2share_users.current_user'),
                                   headers=json_headers)
        assert response.status_code == 200
        return json.loads(response.get_data(as_text=True))

    with app.app_context(), app.test_client() as client:
        # Anonymous caller: still a 200, but the body must be an empty
        # object, i.e. no account data is returned without a login.
        assert fetch_current_user(client) == {}

        # Logged-in user without roles: the request is made first, the
        # expected payload is built afterwards.
        plain_user = test_users['normal']
        login_user(plain_user, client)
        profile = fetch_current_user(client)
        assert profile == {
            'email': plain_user.email,
            'id': plain_user.id,
            'name': plain_user.email,
            'roles': []
        }

    with app.app_context(), app.test_client() as client:
        # Logged-in user holding one role: the role is listed with exactly
        # its id, description and name.
        granted_role = create_role('some_role')
        role_holder = create_user('user_with_role', roles=[granted_role])
        login_user(role_holder, client)
        profile = fetch_current_user(client)
        assert profile == {
            'email': role_holder.email,
            'id': role_holder.id,
            'name': role_holder.email,
            'roles': [{
                'id': granted_role.id,
                'description': granted_role.description,
                'name': granted_role.name,
            }]
        }
def test_users_get(app, test_users, login_user):
    """Verify the payload of the current-user endpoint.

    Covers an anonymous request (empty object), a logged-in user with no
    roles, and a logged-in user with one role. The assertions use exact
    dict equality, which pins the set of fields the endpoint exposes.
    """
    request_headers = [('Content-Type', 'application/json'),
                       ('Accept', 'application/json')]

    def get_user():
        # `client` is looked up when the helper runs, so each call uses the
        # test client of the `with` block that is active at that moment.
        reply = client.get(url_for('b2share_users.current_user'),
                           headers=request_headers)
        assert reply.status_code == 200
        body = reply.get_data(as_text=True)
        return json.loads(body)

    def describe(account, role_entries):
        """Build the payload expected for *account*."""
        return {
            'email': account.email,
            'id': account.id,
            'name': account.email,
            'roles': role_entries
        }

    with app.app_context():
        with app.test_client() as client:
            # No login yet: the endpoint must not return any account data.
            anonymous_info = get_user()
            assert anonymous_info == {}

            # Same client, now authenticated as a user without roles.
            normal_user = test_users['normal']
            login_user(normal_user, client)
            normal_info = get_user()
            assert normal_info == describe(normal_user, [])

    with app.app_context():
        with app.test_client() as client:
            # A user created with one role gets that role reported back.
            some_role = create_role('some_role')
            user_with_role = create_user('user_with_role', roles=[some_role])
            login_user(user_with_role, client)
            role_info = get_user()
            assert role_info == describe(user_with_role, [{
                'id': some_role.id,
                'description': some_role.description,
                'name': some_role.name,
            }])
def delete_role(user, expected_status_code=200):
    """Create a fresh role, send a DELETE for it and check the status code.

    The role to delete is created inside this helper; it is not passed in.
    ``app``, ``counter``, ``headers`` and ``login_user`` are not defined
    here - presumably they come from the enclosing test; verify there.

    Args:
        - user: user to log in before the request is sent. ``None`` sends
            the request without logging anyone in.
        - expected_status_code: status code the DELETE response must have.
    """
    with app.app_context():
        # counter[0] is appended to the name and then incremented, so
        # successive calls use different role names.
        new_role = create_role('some_custom_role{}'.format(counter[0]))
        db.session.commit()
        counter[0] += 1

        role_url = url_for('invenio_accounts_rest.role', role_id=new_role.id)

        with app.test_client() as client:
            if user is not None:
                login_user(user, client)
            response = client.delete(role_url, headers=headers)
            # NOTE(review): only the status code is asserted. Whether the
            # role still exists after a rejected request is not checked.
            assert response.status_code == expected_status_code
def delete_role(user, expected_status_code=200):
    """Delete a newly created role as *user* and assert the response status.

    Each call creates its own role, so no role id is taken as an argument.

    Args:
        - user: identity used for the DELETE request; when it is ``None``
            no login is performed on the test client.
        - expected_status_code: expected status code of the request.
    """
    with app.app_context():
        sequence_number = counter[0]
        target_role = create_role(
            'some_custom_role{}'.format(sequence_number))
        db.session.commit()
        # Advance the counter so that the next call uses a different name.
        counter[0] += 1

        target_id = target_role.id
        delete_url = url_for('invenio_accounts_rest.role', role_id=target_id)

        with app.test_client() as client:
            authenticated = user is not None
            if authenticated:
                login_user(user, client)
            result = client.delete(delete_url, headers=headers)
            # NOTE(review): the response status is the only thing verified;
            # the stored role is not inspected after the request.
            assert result.status_code == expected_status_code
def test_deposit_search_permissions(app, draft_deposits, submitted_deposits,
                                    test_users, login_user,
                                    test_communities):
    """Test which deposits each kind of user gets back from deposit search.

    For every caller the test checks the HTTP status and, on a 200, that
    the returned deposit ids are exactly the expected ones. A deposit
    missing from the hits and a deposit the caller should not see both
    fail the comparison.
    """
    with app.app_context():
        # flush the indices so that indexed deposits are searchable
        current_search_client.indices.flush('*')

        admin = test_users['admin']
        creator = test_users['deposits_creator']
        non_creator = create_user('non-creator')

        # Need granting read access to submitted deposits of one community.
        read_submitted_need = read_deposit_need_factory(
            community=str(test_communities['MyTestCommunity2']),
            publication_state='submitted',
        )
        # The same need is granted once through a role and once directly.
        allowed_role = create_role('allowed_role',
                                   permissions=[read_submitted_need])
        user_allowed_by_role = create_user('user-allowed-by-role',
                                           roles=[allowed_role])
        user_allowed_by_permission = create_user(
            'user-allowed-by-permission',
            permissions=[read_submitted_need])

        community = Community.get(test_communities['MyTestCommunity2'])
        com_member = create_user('com_member', roles=[community.member_role])
        com_admin = create_user('com_admin', roles=[community.admin_role])

        search_deposits_url = url_for('b2share_records_rest.b2rec_list',
                                      drafts=1, size=100)
        headers = [('Content-Type', 'application/json'),
                   ('Accept', 'application/json')]

        def check_search(status, expected_deposits, user=None):
            """Search as *user* and compare status and returned ids."""
            with app.test_client() as client:
                if user is not None:
                    login_user(user, client)
                response = client.get(search_deposits_url, headers=headers)
                assert response.status_code == status
                # test the response data only when the user is allowed to
                # search for deposits
                if status != 200:
                    return
                payload = json.loads(response.get_data(as_text=True))
                hits = payload['hits']
                assert hits['total'] == len(expected_deposits)
                # Order is irrelevant, so both id lists are sorted first.
                found_pids = sorted(hit['id'] for hit in hits['hits'])
                wanted_pids = sorted(dep.deposit_id.hex
                                     for dep in expected_deposits)
                assert found_pids == wanted_pids

        everything = draft_deposits + submitted_deposits
        check_search(200, everything, creator)
        check_search(200, draft_deposits + submitted_deposits, admin)
        # Anonymous search is rejected with 401.
        check_search(401, [], None)
        # An authenticated user without any grant gets a 200 with no hits.
        check_search(200, [], non_creator)

        # search for submitted records
        community2_deposits = [
            dep for dep in submitted_deposits
            if dep.data['community'] == str(
                test_communities['MyTestCommunity2'])
        ]
        check_search(200, community2_deposits, user_allowed_by_role)
        check_search(200, community2_deposits, user_allowed_by_permission)

        # community admin should have access to all submitted records
        # in their community; a plain member is expected to get no hits
        check_search(200, [], com_member)
        check_search(200, community2_deposits, com_admin)
def test_deposit_search_permissions(app, draft_deposits, submitted_deposits,
                                    test_users, login_user,
                                    test_communities):
    """Test deposit search permissions.

    Each caller's search result is compared by exact id list against the
    deposits that caller is expected to see, so both under- and
    over-disclosure are caught.
    """
    with app.app_context():
        # flush the indices so that indexed deposits are searchable
        current_search_client.indices.flush('*')

        admin = test_users['admin']
        creator = test_users['deposits_creator']
        non_creator = create_user('non-creator')

        permission_to_read_all_submitted_deposits = read_deposit_need_factory(
            community=str(test_communities['MyTestCommunity2']),
            publication_state='submitted',
        )
        granted = [permission_to_read_all_submitted_deposits]
        # Role-based grant of the read need.
        allowed_role = create_role('allowed_role', permissions=granted)
        user_allowed_by_role = create_user('user-allowed-by-role',
                                           roles=[allowed_role])
        # Direct grant of the same need, passed as a separate list object
        # just like the two list literals it replaces.
        user_allowed_by_permission = create_user(
            'user-allowed-by-permission', permissions=list(granted))

        community = Community.get(test_communities['MyTestCommunity2'])
        com_member = create_user('com_member', roles=[community.member_role])
        com_admin = create_user('com_admin', roles=[community.admin_role])

        search_deposits_url = url_for(
            'b2share_records_rest.b2rec_list', drafts=1, size=100)
        headers = [('Content-Type', 'application/json'),
                   ('Accept', 'application/json')]

        def run_search(status, expected_deposits, user=None):
            """Issue the search as *user*; verify status and hit ids."""
            with app.test_client() as client:
                if user is not None:
                    login_user(user, client)
                search_res = client.get(search_deposits_url, headers=headers)
                assert search_res.status_code == status
                # test the response data only when the user is allowed to
                # search for deposits
                if status == 200:
                    search_data = json.loads(
                        search_res.get_data(as_text=True))
                    assert search_data['hits']['total'] == \
                        len(expected_deposits)
                    returned = [hit['id']
                                for hit in search_data['hits']['hits']]
                    expected = [dep.deposit_id.hex
                                for dep in expected_deposits]
                    # Compare as sorted lists: order does not matter.
                    assert sorted(returned) == sorted(expected)

        # Creator and admin see drafts as well as submitted deposits.
        run_search(200, draft_deposits + submitted_deposits, creator)
        run_search(200, draft_deposits + submitted_deposits, admin)
        # No login: the endpoint must answer 401.
        run_search(401, [], None)
        # Logged in but without grants: 200 and an empty result.
        run_search(200, [], non_creator)

        # search for submitted records
        community2_deposits = []
        for dep in submitted_deposits:
            if dep.data['community'] == str(
                    test_communities['MyTestCommunity2']):
                community2_deposits.append(dep)
        run_search(200, community2_deposits, user_allowed_by_role)
        run_search(200, community2_deposits, user_allowed_by_permission)

        # community admin should have access to all submitted records
        # in their community; the member role alone yields no hits
        run_search(200, [], com_member)
        run_search(200, community2_deposits, com_admin)