def test_gets( self, app, user_one, user_two, preprint, project_public, project_private): # test_authorized_in_gets_200 url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.content_type == 'application/vnd.api+json' # test_anonymous_gets_200 url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url) assert res.status_code == 200 assert res.content_type == 'application/vnd.api+json' # test_get_preprints_logged_in url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids # test_get_projects_not_logged_in url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids # test_get_projects_logged_in_as_different_user url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_two.auth) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids abandoned_preprint = PreprintFactory(creator=user_one, finish=False) abandoned_preprint.machine_state = 'initial' abandoned_preprint.save() url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) actual = [result['id'] for result in res.json['data']] assert abandoned_preprint._id not in actual
def test_gets(self, app, user_one, user_two, preprint, project_public, project_private): # test_authorized_in_gets_200 url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) assert res.status_code == 200 assert res.content_type == 'application/vnd.api+json' # test_anonymous_gets_200 url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url) assert res.status_code == 200 assert res.content_type == 'application/vnd.api+json' # test_get_preprints_logged_in url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids # test_get_projects_not_logged_in url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids # test_get_projects_logged_in_as_different_user url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_two.auth) node_json = res.json['data'] ids = [each['id'] for each in node_json] assert preprint._id in ids assert project_public._id not in ids assert project_private._id not in ids abandoned_preprint = PreprintFactory(creator=user_one, finish=False) abandoned_preprint.machine_state = 'initial' abandoned_preprint.save() url = '/{}users/{}/preprints/'.format(API_BASE, user_one._id) res = app.get(url, auth=user_one.auth) actual = [result['id'] for result in res.json['data']] assert abandoned_preprint._id not in actual
def test_filter_withdrawn_preprint(self, app, url, user, project_one, provider_one, provider_two): preprint_one = PreprintFactory(is_published=False, creator=user, project=project_one, provider=provider_one) preprint_one.date_withdrawn = timezone.now() preprint_one.is_public = True preprint_one.is_published = True preprint_one.date_published = timezone.now() preprint_one.machine_state = 'accepted' assert preprint_one.ever_public is False # Putting this preprint in a weird state, is verified_publishable, but has been # withdrawn and ever_public is False. This is to isolate withdrawal portion of query preprint_one.save() preprint_two = PreprintFactory(creator=user, project=project_one, provider=provider_two) preprint_two.date_withdrawn = timezone.now() preprint_two.ever_public = True preprint_two.save() # Unauthenticated can only see withdrawn preprints that have been public expected = [preprint_two._id] res = app.get(url) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) # Noncontribs can only see withdrawn preprints that have been public user2 = AuthUserFactory() expected = [preprint_two._id] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) # contribs can only see withdrawn preprints that have been public user2 = AuthUserFactory() preprint_one.add_contributor(user2, 'read') preprint_two.add_contributor(user2, 'read') expected = [preprint_two._id] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) expected = [preprint_two._id] # Admins can only see withdrawn preprints that have been public res = app.get(url, auth=user.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual)
def test_filter_withdrawn_preprint(self, app, url, user): preprint_one = PreprintFactory(is_published=False, creator=user) preprint_one.date_withdrawn = timezone.now() preprint_one.is_public = True preprint_one.is_published = True preprint_one.date_published = timezone.now() preprint_one.machine_state = 'accepted' assert preprint_one.ever_public is False # Putting this preprint in a weird state, is verified_publishable, but has been # withdrawn and ever_public is False. This is to isolate withdrawal portion of query preprint_one.save() preprint_two = PreprintFactory(creator=user) preprint_two.date_withdrawn = timezone.now() preprint_two.ever_public = True preprint_two.save() # Unauthenticated users cannot see users/me/preprints url = '/{}users/me/preprints/?version=2.2&'.format(API_BASE) expected = [preprint_two._id] res = app.get(url, expect_errors=True) assert res.status_code == 401 # Noncontribs cannot see withdrawn preprints user2 = AuthUserFactory() url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user2._id) expected = [] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) # Read contribs - contrib=False on UserPreprints filter so read contribs can only see # withdrawn preprints that were once public user2 = AuthUserFactory() preprint_one.add_contributor(user2, 'read', save=True) preprint_two.add_contributor(user2, 'read', save=True) url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user2._id) expected = [preprint_two._id] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) expected = [preprint_two._id] # Admin contribs can only see withdrawn preprints that were once public res = app.get(url, auth=user.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual)
def test_filter_withdrawn_preprint(self, app, url, user): preprint_one = PreprintFactory(is_published=False, creator=user) preprint_one.date_withdrawn = timezone.now() preprint_one.is_public = True preprint_one.is_published = True preprint_one.date_published = timezone.now() preprint_one.machine_state = 'accepted' assert preprint_one.ever_public is False # Putting this preprint in a weird state, is verified_publishable, but has been # withdrawn and ever_public is False. This is to isolate withdrawal portion of query preprint_one.save() preprint_two = PreprintFactory(creator=user) preprint_two.date_withdrawn = timezone.now() preprint_two.ever_public = True preprint_two.save() # Unauthenticated users cannot see users/me/preprints url = '/{}users/me/preprints/?version=2.2&'.format(API_BASE) expected = [preprint_two._id] res = app.get(url, expect_errors=True) assert res.status_code == 401 # Noncontribs cannot see withdrawn preprints user2 = AuthUserFactory() url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user2._id) expected = [] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) # Read contribs - contrib=False on UserPreprints filter so read contribs can only see # withdrawn preprints that were once public user2 = AuthUserFactory() preprint_one.add_contributor(user2, permissions.READ, save=True) preprint_two.add_contributor(user2, permissions.READ, save=True) url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user2._id) expected = [preprint_two._id] res = app.get(url, auth=user2.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual) expected = [preprint_two._id] # Admin contribs can only see withdrawn preprints that were once public res = app.get(url, auth=user.auth) actual = [preprint['id'] for preprint in res.json['data']] assert set(expected) == set(actual)
def test_implicit_admins_can_see_project_status(self): project = ProjectFactory(creator=self.admin) component = NodeFactory(creator=self.admin, parent=project) project.add_contributor(self.write_contrib, ['read', 'write', 'admin']) project.save() preprint = PreprintFactory(creator=self.admin, filename='mgla.pdf', provider=self.provider_one, subjects=[[self.subject_one._id]], project=component, is_published=True) preprint.machine_state = 'pending' provider = PreprintProviderFactory(reviews_workflow='post-moderation') preprint.provider = provider preprint.save() url = component.web_url_for('view_project') res = self.app.get(url, auth=self.write_contrib.auth) assert_in('{}'.format(preprint.provider.name), res.body) assert_in('Pending\n', res.body) assert_in('This preprint is publicly available and searchable but is subject to removal by a moderator.', res.body)
def test_withdrawn_preprints_list(self): pp = PreprintFactory(provider__reviews_workflow='pre-moderation', is_published=False, creator=self.user) pp.machine_state = 'pending' mod = AuthUserFactory() pp.provider.get_group('moderator').user_set.add(mod) pp.date_withdrawn = timezone.now() pp.save() assert not pp.ever_public # Sanity check unauth_res = self.app.get(self.url) user_res = self.app.get(self.url, auth=self.user.auth) mod_res = self.app.get(self.url, auth=mod.auth) unauth_res_ids = [each['id'] for each in unauth_res.json['data']] user_res_ids = [each['id'] for each in user_res.json['data']] mod_res_ids = [each['id'] for each in mod_res.json['data']] assert pp._id not in unauth_res_ids assert pp._id not in user_res_ids assert pp._id in mod_res_ids
def abandoned_preprint(self, abandoned_preprint_node): preprint = PreprintFactory(project=abandoned_preprint_node, is_published=False) preprint.machine_state = DefaultStates.INITIAL.value return preprint