def test_update_annotation_raises_if_non_admin_changes_perms(): with pytest.raises(RuntimeError): logic.update_annotation(_mock_annotation(permissions={}), fields={'permissions': { 'read': ['someone'] }}, userid='alice')
def update(context, request): """Update the fields we received and store the updated version.""" annotation = context.model # Read the new fields for the annotation try: fields = request.json_body except ValueError: return _api_error(request, 'No JSON payload sent. Annotation not created.', status_code=400) # Client Error: Bad Request try: appstruct = schemas.AnnotationSchema().validate(fields) except schemas.ValidationError as err: return _api_error(request, err.message, status_code=400) # Update and store the annotation try: logic.update_annotation(annotation, appstruct, userid=request.authenticated_userid) except RuntimeError as err: return _api_error(request, err.args[0], status_code=err.args[1]) # Notify any subscribers _publish_annotation_event(request, annotation, 'update') # Return the updated version that was just stored. return search_lib.render(annotation)
def update(context, request): """Update the fields we received and store the updated version.""" annotation = context # Read the new fields for the annotation try: fields = request.json_body except ValueError: return _api_error(request, 'No JSON payload sent. Annotation not created.', status_code=400) # Client Error: Bad Request # Check user's permissions has_admin_permission = request.has_permission('admin', annotation) # Update and store the annotation try: logic.update_annotation(annotation, fields, has_admin_permission) except RuntimeError as err: return _api_error( request, err.args[0], status_code=err.args[1]) # Notify any subscribers _publish_annotation_event(request, annotation, 'update') # Return the updated version that was just stored. return search_lib.render(annotation)
def update(context, request): """Update the fields we received and store the updated version.""" annotation = context.model # Read the new fields for the annotation try: fields = request.json_body except ValueError: return _api_error(request, 'No JSON payload sent. Annotation not created.', status_code=400) # Client Error: Bad Request try: validators.Annotation().validate(fields) except validators.Error as err: return _api_error(request, err.message, status_code=400) # Update and store the annotation try: logic.update_annotation(annotation, fields, userid=request.authenticated_userid) except RuntimeError as err: return _api_error( request, err.args[0], status_code=err.args[1]) # Notify any subscribers _publish_annotation_event(request, annotation, 'update') # Return the updated version that was just stored. return search_lib.render(annotation)
def test_update_annotation_calls_update(): annotation = _mock_annotation() fields = {'foo': 'bar'} logic.update_annotation(annotation, fields, False) annotation.update.assert_called_once_with(fields)
def update(context, request): """Update the fields we received and store the updated version.""" annotation = context # Read the new fields for the annotation try: fields = request.json_body except ValueError: return _api_error(request, 'No JSON payload sent. Annotation not created.', status_code=400) # Client Error: Bad Request # Check user's permissions has_admin_permission = request.has_permission('admin', annotation) # Update and store the annotation try: logic.update_annotation(annotation, fields, has_admin_permission) except RuntimeError as err: return _api_error(request, err.args[0], status_code=err.args[1]) # Notify any subscribers _publish_annotation_event(request, annotation, 'update') # Return the updated version that was just stored. return search_lib.render(annotation)
def test_update_annotation_calls_update(): annotation = _mock_annotation() fields = {'foo': 'bar'} logic.update_annotation(annotation, fields) annotation.update.assert_called_once_with(fields)
def test_update_annotation_admins_can_change_permissions(): annotation = _mock_annotation(permissions={'admin': ['alice']}, user='******') logic.update_annotation(annotation, fields={'permissions': 'changed'}, userid='alice') assert annotation['permissions'] == 'changed'
def test_update_annotation_admins_can_change_permissions(): annotation = _mock_annotation(permissions='foo') logic.update_annotation( annotation, fields={'permissions': 'changed'}, has_admin_permission=True) assert annotation['permissions'] == 'changed'
def test_update_annotation_non_admins_can_make_non_permissions_changes(): annotation = _mock_annotation(foo='bar') logic.update_annotation( annotation, fields={'foo': 'changed'}, has_admin_permission=False) assert annotation['foo'] == 'changed'
def test_update_annotation_admins_can_change_permissions(): annotation = _mock_annotation( permissions={'admin': ['alice']}, user='******') logic.update_annotation( annotation, fields={'permissions': 'changed'}, userid='alice') assert annotation['permissions'] == 'changed'
def test_update_annotation_does_not_pass_protected_fields_to_update(): annotation = _mock_annotation() logic.update_annotation( annotation, fields={"foo": "bar", "created": "foo", "updated": "foo", "user": "******", "consumer": "foo", "id": "foo"}, has_admin_permission=False, ) for field in ("created", "updated", "user", "consumer", "id"): assert field not in annotation.update.call_args[0][0]
def test_update_annotation_non_admins_can_make_non_permissions_changes(): annotation = _mock_annotation(foo='bar', permissions={'admin': ['alice']}, user='******') logic.update_annotation(annotation, fields={ 'foo': 'changed', }, userid='bob') assert annotation['foo'] == 'changed'
def update(context, request): """Update the fields we received and store the updated version.""" annotation = context.model schema = schemas.UpdateAnnotationSchema(request, annotation) appstruct = schema.validate(_json_payload(request)) # Update and store the annotation logic.update_annotation(annotation, appstruct) # Notify any subscribers _publish_annotation_event(request, annotation, 'update') # Return the updated version that was just stored. return search_lib.render(annotation)
def test_update_annotation_non_admins_can_make_non_permissions_changes(): annotation = _mock_annotation( foo='bar', permissions={'admin': ['alice']}, user='******') logic.update_annotation( annotation, fields={ 'foo': 'changed', }, userid='bob') assert annotation['foo'] == 'changed'
def test_update_annotation_does_not_pass_protected_fields_to_update(): annotation = _mock_annotation() logic.update_annotation( annotation, fields={ 'foo': 'bar', 'created': 'foo', 'updated': 'foo', 'user': '******', 'id': 'foo' }, userid='foo') for field in ('created', 'updated', 'user', 'id'): assert field not in annotation.update.call_args[0][0]
def test_update_annotation_does_not_crash_if_annotations_parent_has_no_group( Annotation): """It shouldn't crash if the parent annotation has no group. It shouldn't crash if the annotation is a reply and its parent annotation has no 'group' field. """ # No group in the original annotation/reply itself. annotation = _mock_annotation() assert 'group' not in annotation # And no group in the parent annotation either. Annotation.fetch.return_value = {} logic.update_annotation(annotation, {}, 'foo')
def test_update_annotation_does_not_pass_protected_fields_to_update(): annotation = _mock_annotation() logic.update_annotation( annotation, fields={ 'foo': 'bar', 'created': 'foo', 'updated': 'foo', 'user': '******', 'consumer': 'foo', 'id': 'foo' }, has_admin_permission=False) for field in ('created', 'updated', 'user', 'consumer', 'id'): assert field not in annotation.update.call_args[0][0]
def test_update_annotation_if_deleted_does_not_remove_other_principals(): user = "******" annotation = _mock_annotation( deleted=True, user=user, permissions={ "admin": [user, "someone else"], "read": [user, "someone else"], "update": [user], "delete": [user], }, ) fields = {"permissions": {"update": ["someone else"], "delete": ["someone else"]}} logic.update_annotation(annotation, fields, True) for action in annotation["permissions"]: assert "someone else" in annotation["permissions"][action]
def test_update_annotation_removes_userid_from_permissions_if_deleted(): user = "******" annotation = _mock_annotation( deleted=True, user=user, permissions={ "admin": [user, "someone else"], "read": [user, "someone else"], "update": ["someone else"], "delete": ["someone else"], }, ) fields = {"permissions": {"update": [user], "delete": [user]}} logic.update_annotation(annotation, fields, True) for action in annotation["permissions"]: assert user not in annotation["permissions"][action]
def test_update_annotation_removes_userid_from_permissions_if_deleted(): user = '******' annotation = _mock_annotation( deleted=True, user=user, permissions={ 'admin': [user, 'someone else'], 'read': [user, 'someone else'], 'update': ['someone else'], 'delete': ['someone else'] } ) fields = { 'permissions': { 'update': [user], 'delete': [user] } } logic.update_annotation(annotation, fields, True) for action in annotation['permissions']: assert user not in annotation['permissions'][action]
def test_update_annotation_if_deleted_does_not_remove_other_principals(): user = '******' annotation = _mock_annotation( deleted=True, user=user, permissions={ 'admin': [user, 'someone else'], 'read': [user, 'someone else'], 'update': [user], 'delete': [user] } ) fields = { 'permissions': { 'update': ['someone else'], 'delete': ['someone else'] } } logic.update_annotation(annotation, fields, True) for action in annotation['permissions']: assert 'someone else' in annotation['permissions'][action]
def test_update_annotation_does_not_remove_userid_if_not_deleted(): userid = 'acct:[email protected]' annotation = _mock_annotation( deleted=False, user=userid, permissions={ 'admin': [userid, 'someone else'], 'read': [userid, 'someone else'], 'update': ['someone else'], 'delete': ['someone else'] } ) fields = { 'permissions': { 'update': [userid], 'delete': [userid] } } logic.update_annotation(annotation, fields, userid) for action in annotation['permissions']: assert userid in annotation['permissions'][action]
def test_update_annotation_user_cannot_change_group(): annotation = _mock_annotation(group='old') fields = {'group': 'new'} with pytest.raises(RuntimeError): logic.update_annotation(annotation, fields, 'foo')
def test_update_annotation_calls_save(): annotation = _mock_annotation() logic.update_annotation(annotation, {}, False) annotation.save.assert_called_once_with()
def test_update_annotation_calls_prepare(search_lib): annotation = _mock_annotation() logic.update_annotation(annotation, {}, False) search_lib.prepare.assert_called_once_with(annotation)
def test_update_annotation_calls_prepare(search_lib): annotation = _mock_annotation() logic.update_annotation(annotation, {}) search_lib.prepare.assert_called_once_with(annotation)
def test_update_annotation_raises_if_non_admin_changes_perms(): with pytest.raises(RuntimeError): logic.update_annotation( _mock_annotation(), fields={'permissions': 'changed'}, has_admin_permission=False)
def test_update_annotation_raises_if_non_admin_changes_perms(): with pytest.raises(RuntimeError): logic.update_annotation( _mock_annotation(permissions={}), fields={'permissions': {'read': ['someone']}}, userid='alice')
def test_update_annotation_does_not_crash_if_annotation_has_no_group(): annotation = _mock_annotation() assert 'group' not in annotation logic.update_annotation(annotation, {}, 'foo')
def test_update_annotation_admins_can_change_permissions(): annotation = _mock_annotation(permissions="foo") logic.update_annotation(annotation, fields={"permissions": "changed"}, has_admin_permission=True) assert annotation["permissions"] == "changed"
def test_update_annotation_non_admins_can_make_non_permissions_changes(): annotation = _mock_annotation(foo="bar") logic.update_annotation(annotation, fields={"foo": "changed"}, has_admin_permission=False) assert annotation["foo"] == "changed"
def test_update_annotation_calls_save(): annotation = _mock_annotation() logic.update_annotation(annotation, {}) annotation.save.assert_called_once_with()