def test_user_cant_modify_others_results(admin_client, user_client,
alt_user_client, test_scheduler):
# alt user schedule entry
alt_user_entry_name = simulate_acquisitions(alt_user_client,
name="alt_user_single_acq")
alt_user_acq_url = reverse_result_detail(alt_user_entry_name, 1)
new_result_detail = user_client.get(alt_user_acq_url, **HTTPS_KWARG)
new_result_detail = new_result_detail.data
new_result_detail["task_id"] = 2
user_modify_alt_user_response = update_result_detail(
user_client, alt_user_entry_name, 1, new_result_detail)
# admin user schedule entry
admin_entry_name = simulate_acquisitions(admin_client,
name="admin_single_acq")
admin_acq_url = reverse_result_detail(admin_entry_name, 1)
new_result_detail = user_client.get(admin_acq_url, **HTTPS_KWARG).data
new_result_detail["task_id"] = 2
user_modify_admin_response = update_result_detail(user_client,
admin_entry_name, 1,
new_result_detail)
validate_response(user_modify_alt_user_response, status.HTTP_403_FORBIDDEN)
validate_response(user_modify_admin_response, status.HTTP_403_FORBIDDEN)
def test_admin_can_create_private_results(admin_client, user_client, test_scheduler):
private_entry_name = simulate_frequency_fft_acquisitions(
admin_client, is_private=True
)
private_result_url = reverse_result_detail(private_entry_name, 1)
user_response = user_client.get(private_result_url, **HTTPS_KWARG)
validate_response(user_response, status.HTTP_403_FORBIDDEN)
def test_admin_can_view_private_results(admin_client, alt_admin_client,
test_scheduler):
private_entry_name = simulate_acquisitions(alt_admin_client,
is_private=True)
private_result_url = reverse_result_detail(private_entry_name, 1)
response = admin_client.get(private_result_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_single_result_response(user_client):
entry_name = create_task_results(1, user_client)
result, = get_result_list(user_client, entry_name)
task_id = 1
expected_url = reverse_result_detail(entry_name, task_id)
assert result["self"] == expected_url
assert result["task_id"] == task_id
def test_user_cannot_view_private_result_details(user_client, admin_client,
test_scheduler):
"""A user should not be able to view the result of a private task."""
entry_name = simulate_acquisitions(admin_client, is_private=True)
task_id = 1
url = reverse_result_detail(entry_name, task_id)
response = user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_403_FORBIDDEN)
def test_admin_can_delete_own_results(admin_client, test_scheduler):
entry_name = simulate_acquisitions(admin_client)
result_url = reverse_result_detail(entry_name, 1)
first_response = admin_client.delete(result_url, **HTTPS_KWARG)
second_response = admin_client.delete(result_url, **HTTPS_KWARG)
validate_response(first_response, status.HTTP_204_NO_CONTENT)
validate_response(second_response, status.HTTP_404_NOT_FOUND)
def test_multiple_result_response(user_client, test_scheduler):
entry_name = create_task_results(3, user_client)
results = get_result_list(user_client, entry_name)
assert len(results) == 3
for i, acq in enumerate(results, start=1):
expected_url = reverse_result_detail(entry_name, i)
assert acq["self"] == expected_url
assert acq["task_id"] == i
def test_user_cannot_delete_others_results(admin_client, user_client, test_scheduler):
# alt admin private schedule entry
admin_entry_name = simulate_frequency_fft_acquisitions(
admin_client, name="alt_admin_single_acq"
)
admin_result_url = reverse_result_detail(admin_entry_name, 1)
user_delete_admin_response = user_client.delete(admin_result_url, **HTTPS_KWARG)
validate_response(user_delete_admin_response, status.HTTP_403_FORBIDDEN)
def test_admin_can_view_all_results(admin_client, alt_admin_client,
user_client, test_scheduler):
# alt admin schedule entry
alt_admin_entry_name = simulate_acquisitions(alt_admin_client,
name="alt_admin_single_acq")
alt_admin_result_url = reverse_result_detail(alt_admin_entry_name, 1)
admin_view_alt_admin_response = admin_client.get(alt_admin_result_url,
**HTTPS_KWARG)
# user schedule entry
user_result_name = simulate_acquisitions(user_client,
name="admin_single_acq")
user_result_url = reverse_result_detail(user_result_name, 1)
admin_view_user_response = admin_client.get(user_result_url, **HTTPS_KWARG)
validate_response(admin_view_alt_admin_response, status.HTTP_200_OK)
validate_response(admin_view_user_response, status.HTTP_200_OK)
def test_user_can_delete_own_results(user_client, test_scheduler):
"""A user should be able to delete results they own."""
entry_name = simulate_acquisitions(user_client)
result_url = reverse_result_detail(entry_name, 1)
first_response = user_client.delete(result_url, **HTTPS_KWARG)
second_response = user_client.delete(result_url, **HTTPS_KWARG)
validate_response(first_response, status.HTTP_204_NO_CONTENT)
validate_response(second_response, status.HTTP_404_NOT_FOUND)
def test_admin_cant_modify_own_results(admin_client, test_scheduler):
entry_name = simulate_frequency_fft_acquisitions(admin_client)
result_url = reverse_result_detail(entry_name, 1)
new_result_detail = admin_client.get(result_url, **HTTPS_KWARG).data
new_result_detail["task_id"] = 2
response = update_result_detail(admin_client, entry_name, 1, new_result_detail)
validate_response(response, status.HTTP_405_METHOD_NOT_ALLOWED)
def test_user_cant_modify_own_result(user_client, test_scheduler):
"""Task results are not modifiable."""
entry_name = simulate_frequency_fft_acquisitions(user_client)
acq_url = reverse_result_detail(entry_name, 1)
new_result_detail = user_client.get(acq_url, **HTTPS_KWARG).data
new_result_detail["task_id"] = 2
response = update_result_detail(user_client, entry_name, 1, new_result_detail)
validate_response(response, status.HTTP_405_METHOD_NOT_ALLOWED)
def test_user_cant_create_private_acquisition(user_client, alt_user_client,
test_scheduler):
# The alt user attempts to create a private acquisition.
entry_name = simulate_acquisitions(alt_user_client, is_private=True)
result_url = reverse_result_detail(entry_name, 1)
# The user attempts to GET the acquisition that the alt user created.
response = user_client.get(result_url, **HTTPS_KWARG)
# The user successfully GETs the acquistion that the alt user
# created; meaning that the acquisition was not, in fact, private.
validate_response(response, status.HTTP_200_OK)
def test_admin_can_delete_others_results(admin_client, alt_admin_client,
user_client, test_scheduler):
# alt admin private schedule entry
alt_admin_entry_name = simulate_acquisitions(alt_admin_client,
name="alt_admin_single_acq",
is_private=True)
alt_admin_result_url = reverse_result_detail(alt_admin_entry_name, 1)
admin_delete_alt_admin_response = admin_client.delete(
alt_admin_result_url, **HTTPS_KWARG)
# user schedule entry
user_result_name = simulate_acquisitions(user_client,
name="admin_single_acq")
user_result_url = reverse_result_detail(user_result_name, 1)
admin_delete_user_response = admin_client.delete(user_result_url,
**HTTPS_KWARG)
validate_response(admin_delete_user_response, status.HTTP_204_NO_CONTENT)
validate_response(admin_delete_alt_admin_response,
status.HTTP_204_NO_CONTENT)
def test_deleted_result_deletes_data_file(user_client, test_scheduler):
"""A user should be able to delete results they own."""
entry_name = simulate_acquisitions(user_client)
# schedule_entry = ScheduleEntry.objects.get(name=entry_name)
task_result = TaskResult.objects.get(schedule_entry__name=entry_name)
acquisition = Acquisition.objects.get(task_result__id=task_result.id)
data_file = acquisition.data.path
assert os.path.exists(data_file)
result_url = reverse_result_detail(entry_name, 1)
first_response = user_client.delete(result_url, **HTTPS_KWARG)
second_response = user_client.delete(result_url, **HTTPS_KWARG)
validate_response(first_response, status.HTTP_204_NO_CONTENT)
validate_response(second_response, status.HTTP_404_NOT_FOUND)
assert not os.path.exists(data_file)
def test_admin_cannot_modify_others_results(
admin_client, alt_admin_client, test_scheduler
):
# alt user schedule entry
alt_user_entry_name = simulate_frequency_fft_acquisitions(
alt_admin_client, name="alt_user_single_acq"
)
alt_user_acq_url = reverse_result_detail(alt_user_entry_name, 1)
new_result_detail = admin_client.get(alt_user_acq_url, **HTTPS_KWARG)
new_result_detail = new_result_detail.data
new_result_detail["task_id"] = 2
user_modify_alt_user_response = update_result_detail(
admin_client, alt_user_entry_name, 1, new_result_detail
)
validate_response(user_modify_alt_user_response, status.HTTP_405_METHOD_NOT_ALLOWED)
def test_admin_can_create_acquisition(admin_client, test_scheduler):
entry_name = simulate_frequency_fft_acquisitions(admin_client)
result_url = reverse_result_detail(entry_name, 1)
response = admin_client.get(result_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_user_can_view_others_result_details(user_client, alt_user_client):
"""A user should be able to view results created by others."""
entry_name = create_task_results(1, user_client)
url = reverse_result_detail(entry_name, 1)
response = alt_user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_admin_can_view_own_result_details(admin_client):
"""A user should be able to view results they create."""
entry_name = create_task_results(1, admin_client)
url = reverse_result_detail(entry_name, 1)
response = admin_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_user_cannot_view_result_details(admin_client, user_client):
"""A user should be able to view results created by others."""
entry_name = create_task_results(1, admin_client)
url = reverse_result_detail(entry_name, 1)
response = user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_403_FORBIDDEN)
def test_user_can_create_nonprivate_acquisition(user_client, test_scheduler):
entry_name = simulate_acquisitions(user_client)
result_url = reverse_result_detail(entry_name, 1)
response = user_client.get(result_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
