def create(self):
"""
Create a new badge in the system
"""
# Check if user is allowed to create a badge
require.badge.create()
import shutil
label = request.params['badge-label']
description = request.params['badge-description']
image = request.POST['badge-image']
try:
# Get upload directory for Badge and generate a random filename
upload_dir = h.get_object_upload_dir(Badge)
random_filename = h.get_uuid_filename(image.filename)
# Open the filename and copy the uploaded image
permanent_filename = os.path.join(upload_dir, random_filename)
permanent_image = open(permanent_filename, 'w')
shutil.copyfileobj(image.file, permanent_image)
upload_image_path = h.upload(random_filename, Badge)
# Close image files
image.file.close()
permanent_image.close()
except OSError:
upload_image_path = ''
h.flash_error(_('Uploading files not supported at the moment.'))
badge = Badge(label, upload_image_path, description, c.account)
db.session.add(badge)
db.session.commit()
redirect(
h.url_for(controller='badge', action='information', id=badge.id))
def create(self):
"""
Create a new badge in the system
"""
# Check if user is allowed to create a badge
require.badge.create()
import shutil
label = request.params['badge-label']
description = request.params['badge-description']
image = request.POST['badge-image']
try:
# Get upload directory for Badge and generate a random filename
upload_dir = h.get_object_upload_dir(Badge)
random_filename = h.get_uuid_filename(image.filename)
# Open the filename and copy the uploaded image
permanent_filename = os.path.join(upload_dir, random_filename)
permanent_image = open(permanent_filename, 'w')
shutil.copyfileobj(image.file, permanent_image)
upload_image_path = h.upload(random_filename, Badge)
# Close image files
image.file.close()
permanent_image.close()
except OSError:
upload_image_path = ''
h.flash_error(_('Uploading files not supported at the moment.'))
badge = Badge(label, upload_image_path, description, c.account)
db.session.add(badge)
db.session.commit()
redirect(h.url_for(controller='badge', action='information',
id=badge.id))
def test_create_badge(self):
"""
Test badge creation. Only administrators can create badges.
To create a badge user must provide label, description and image
"""
# Get all existing badges (should be zero but we never know)
badge_json = self.app.get(url(controller='badge', action='index',
format='json'))
badge_index = json.loads(badge_json.body)
existing_badges = len(badge_index['badges'])
# The dummy files we'll upload
files = [("badge-image", "badge.png", "Test badge file")]
# Create upload directory if it doesn't exist
object_upload_dir = os.path.join(
config['pylons.paths']['static_files'],
config.get('openspending.upload_directory', 'test_uploads'))
if os.path.isdir(object_upload_dir):
# Upload dir exists (so we won't change a thing)
upload_dir_created = False
else:
# Doesn't exist (so we'll remove it afterwards
os.mkdir(object_upload_dir, 0o744)
upload_dir_created = True
# Create a new badge (should return unauthorized)
response = self.app.post(
url(controller='badge', action='create'),
params={'badge-label': 'testbadge',
'badge-description': 'testdescription'},
upload_files=files,
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
# This should actually return 401 Unauthorized but that's an
# authentication implementation failure (which should be fixed)
assert '403' in response.status, \
"Non-user should get an error when trying to create a badge"
# Check to see that badge list didn't change
badge_json = self.app.get(url(controller='badge', action='index',
format='json'))
assert badge_index == json.loads(badge_json.body), \
"A non-user was able to change the existing badges"
# Create a new badge (should return forbidden)
response = self.app.post(
url(controller='badge', action='create'),
params={'badge-label': 'testbadge',
'badge-description': 'testdescription'},
upload_files=files,
extra_environ={'REMOTE_USER': '******'},
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
assert '403' in response.status, \
"Non-admin user should get an error when trying to create a badge"
# Check to see that badge list didn't change
badge_json = self.app.get(url(controller='badge', action='index',
format='json'))
assert badge_index == json.loads(badge_json.body), \
"A non-admin user was able to change the existing badges"
response = self.app.post(
url(controller='badge', action='create'),
params={'badge-label': 'testbadge',
'badge-description': 'testdescription'},
upload_files=files,
extra_environ={'REMOTE_USER': '******'})
# Check to see there is now badge more in the list than to begin with
badge_json = self.app.get(url(controller='badge', action='index',
format='json'))
badge_index = json.loads(badge_json.body)
assert len(badge_index['badges']) == existing_badges + 1, \
"One badge should have been added but it wasn't"
# Check image exists
# Get image filename from url
image = badge_index['badges'][0]['image'].split('/')[-1]
# Get the uploaded file on the system
upload_dir = helpers.get_object_upload_dir(Badge)
uploaded_file = os.path.join(upload_dir, image)
# Check if file exists
assert os.path.exists(uploaded_file), \
"Uploaded badge image isn't present on the file system"
# Remove the file or we'll have a lot of random files after test runs
os.remove(uploaded_file)
# If we have created the upload directory we should remove upload_dir
if upload_dir_created:
os.rmdir(upload_dir)
os.rmdir(object_upload_dir)
# Check to be certain both label and description are present
assert badge_index['badges'][0]['label'] == 'testbadge', \
"Uploaded badge label isn't correct"
assert badge_index['badges'][0]['description'] == 'testdescription', \
"Uploaded badge description isn't correct"
# No datasets should be present for the badge just after creation
assert len(badge_index['badges'][0]['datasets']) == 0, \
"Newly created badge shouldn't have been awarded to datasets"
def test_create_badge(self):
"""
Test badge creation. Only administrators can create badges.
To create a badge user must provide label, description and image
"""
# Get all existing badges (should be zero but we never know)
badge_json = self.app.get(
url(controller='badge', action='index', format='json'))
badge_index = json.loads(badge_json.body)
existing_badges = len(badge_index['badges'])
# The dummy files we'll upload
files = [("badge-image", "badge.png", "Test badge file")]
# Create upload directory if it doesn't exist
object_upload_dir = os.path.join(
config['pylons.paths']['static_files'],
config.get('openspending.upload_directory', 'test_uploads'))
if os.path.isdir(object_upload_dir):
# Upload dir exists (so we won't change a thing)
upload_dir_created = False
else:
# Doesn't exist (so we'll remove it afterwards
os.mkdir(object_upload_dir, 0o744)
upload_dir_created = True
# Create a new badge (should return unauthorized)
response = self.app.post(url(controller='badge', action='create'),
params={
'badge-label': 'testbadge',
'badge-description': 'testdescription'
},
upload_files=files,
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
# This should actually return 401 Unauthorized but that's an
# authentication implementation failure (which should be fixed)
assert '403' in response.status, \
"Non-user should get an error when trying to create a badge"
# Check to see that badge list didn't change
badge_json = self.app.get(
url(controller='badge', action='index', format='json'))
assert badge_index == json.loads(badge_json.body), \
"A non-user was able to change the existing badges"
# Create a new badge (should return forbidden)
response = self.app.post(url(controller='badge', action='create'),
params={
'badge-label': 'testbadge',
'badge-description': 'testdescription'
},
upload_files=files,
extra_environ={'REMOTE_USER': '******'},
expect_errors=True)
# Check if it returned Forbidden (which is http status code 403)
assert '403' in response.status, \
"Non-admin user should get an error when trying to create a badge"
# Check to see that badge list didn't change
badge_json = self.app.get(
url(controller='badge', action='index', format='json'))
assert badge_index == json.loads(badge_json.body), \
"A non-admin user was able to change the existing badges"
response = self.app.post(url(controller='badge', action='create'),
params={
'badge-label': 'testbadge',
'badge-description': 'testdescription'
},
upload_files=files,
extra_environ={'REMOTE_USER': '******'})
# Check to see there is now badge more in the list than to begin with
badge_json = self.app.get(
url(controller='badge', action='index', format='json'))
badge_index = json.loads(badge_json.body)
assert len(badge_index['badges']) == existing_badges + 1, \
"One badge should have been added but it wasn't"
# Check image exists
# Get image filename from url
image = badge_index['badges'][0]['image'].split('/')[-1]
# Get the uploaded file on the system
upload_dir = helpers.get_object_upload_dir(Badge)
uploaded_file = os.path.join(upload_dir, image)
# Check if file exists
assert os.path.exists(uploaded_file), \
"Uploaded badge image isn't present on the file system"
# Remove the file or we'll have a lot of random files after test runs
os.remove(uploaded_file)
# If we have created the upload directory we should remove upload_dir
if upload_dir_created:
os.rmdir(upload_dir)
os.rmdir(object_upload_dir)
# Check to be certain both label and description are present
assert badge_index['badges'][0]['label'] == 'testbadge', \
"Uploaded badge label isn't correct"
assert badge_index['badges'][0]['description'] == 'testdescription', \
"Uploaded badge description isn't correct"
# No datasets should be present for the badge just after creation
assert len(badge_index['badges'][0]['datasets']) == 0, \
"Newly created badge shouldn't have been awarded to datasets"
