def _set_up_public_project_comment_reports(self):
self.public_project = ProjectFactory.build(is_public=True, creator=self.user)
self.public_project.add_contributor(contributor=self.contributor, save=True)
self.public_comment = CommentFactory.build(node=self.public_project, target=self.public_project, user=self.contributor)
self.public_comment.reports = {self.user._id: {'category': 'spam', 'text': 'This is spam'}}
self.public_comment.save()
self.public_url = '/{}comments/{}/reports/{}/'.format(API_BASE, self.public_comment._id, self.user._id)
def _set_up_public_project_comment_reports(self):
self.public_project = ProjectFactory.build(is_public=True, creator=self.user)
self.public_project.add_contributor(contributor=self.contributor, save=True)
self.public_comment = CommentFactory.build(node=self.public_project, target=self.public_project, user=self.contributor)
self.public_comment.reports = {self.user._id: {'category': 'spam', 'text': 'This is spam'}}
self.public_comment.save()
self.public_url = '/{}comments/{}/reports/{}/'.format(API_BASE, self.public_comment._id, self.user._id)
def test_public_node_reporting_contributor_can_delete_detail(self):
self._set_up_public_project_comment_reports()
comment = CommentFactory.build(node=self.public_project, target=self.public_project, user=self.contributor)
comment.reports = {self.user._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.user._id)
res = self.app.delete_json_api(url, auth=self.user.auth)
assert_equal(res.status_code, 204)
def test_public_node_logged_in_non_contributor_reporter_can_view_report_detail(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = {self.non_contributor._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.non_contributor._id)
res = self.app.get(url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
def test_public_node_reporting_contributor_can_delete_detail(self):
self._set_up_public_project_file_comment_reports()
comment = CommentFactory.build(node=self.public_project, target=self.public_file, user=self.contributor)
comment.reports = {self.user._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.user._id)
res = self.app.delete_json_api(url, auth=self.user.auth)
assert_equal(res.status_code, 204)
def test_public_node_logged_in_non_contributor_reporter_can_view_report_detail(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = {self.non_contributor._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.non_contributor._id)
res = self.app.get(url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
def _set_up_private_project_file_comment_reports(self):
self.private_project = ProjectFactory.build(is_public=False, creator=self.user)
self.private_project.add_contributor(contributor=self.contributor, save=True)
self.file = test_utils.create_test_file(self.private_project, self.user)
self.comment = CommentFactory.build(node=self.private_project, target=self.file, user=self.contributor)
self.comment.reports = self.comment.reports or {}
self.comment.reports[self.user._id] = {'category': 'spam', 'text': 'This is spam'}
self.comment.save()
self.private_url = '/{}comments/{}/reports/'.format(API_BASE, self.comment._id)
def _set_up_private_project_comment_reports(self):
self.private_project = ProjectFactory.build(is_public=False, creator=self.user)
self.private_project.add_contributor(contributor=self.contributor, save=True)
self.comment = CommentFactory.build(node=self.private_project, target=self.private_project, user=self.contributor)
self.comment.reports = {self.user._id: {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}}
self.comment.save()
self.private_url = '/{}comments/{}/reports/{}/'.format(API_BASE, self.comment._id, self.user._id)
def test_public_node_non_contributor_reporter_can_view_report(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = comment.reports or {}
comment.reports[self.non_contributor._id] = {'category': 'spam', 'text': 'This is spam.'}
comment.save()
url = '/{}comments/{}/reports/'.format(API_BASE, comment._id)
res = self.app.get(url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
report_json = res.json['data']
report_ids = [report['id'] for report in report_json]
assert_equal(len(report_json), 1)
assert_in(self.non_contributor._id, report_ids)
def test_private_node_reporting_contributor_can_delete_report_detail(self):
self._set_up_private_project_file_comment_reports()
comment = CommentFactory.build(node=self.private_project, target=self.file, user=self.contributor)
comment.reports = {self.user._id: {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.user._id)
res = self.app.delete_json_api(url, auth=self.user.auth)
assert_equal(res.status_code, 204)
def test_private_node_reporting_contributor_can_delete_report_detail(self):
self._set_up_private_project_comment_reports()
comment = CommentFactory.build(node=self.private_project, target=self.private_project, user=self.contributor)
comment.reports = {self.user._id: {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.user._id)
res = self.app.delete_json_api(url, auth=self.user.auth)
assert_equal(res.status_code, 204)
def _set_up_public_project_comment_reports(self, comment_level='public'):
self.public_project = ProjectFactory.build(is_public=True, creator=self.user, comment_level=comment_level)
self.public_project.add_contributor(contributor=self.contributor, save=True)
self.public_comment = CommentFactory.build(node=self.public_project, target=self.public_project, user=self.contributor)
self.public_comment.reports = self.public_comment.reports or {}
self.public_comment.reports[self.user._id] = {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}
self.public_comment.save()
self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
def _set_up_public_project_comment_reports(self, comment_level='public'):
self.public_project = ProjectFactory.create(is_public=True, creator=self.user, comment_level=comment_level)
self.public_project.add_contributor(contributor=self.contributor, save=True)
self.public_comment = CommentFactory.build(node=self.public_project, user=self.contributor)
self.public_comment.reports = self.public_comment.reports or {}
self.public_comment.reports[self.user._id] = {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}
self.public_comment.save()
self.public_url = '/{}comments/{}/reports/'.format(API_BASE, self.public_comment._id)
def _set_up_private_project_file_comment_reports(self):
self.private_project = ProjectFactory.build(is_public=False, creator=self.user)
self.private_project.add_contributor(contributor=self.contributor, save=True)
self.file = test_utils.create_test_file(self.private_project, self.user)
self.comment = CommentFactory.build(node=self.private_project, target=self.file, user=self.contributor)
self.comment.reports = self.comment.reports or {}
self.comment.reports[self.user._id] = {
"category": "spam",
"text": "This is spam",
"date": datetime.utcnow(),
"retracted": False,
}
self.comment.save()
self.private_url = "/{}comments/{}/reports/".format(API_BASE, self.comment._id)
def _set_up_public_project_comment_reports(self, comment_level="public"):
self.public_project = ProjectFactory.build(is_public=True, creator=self.user, comment_level=comment_level)
self.public_project.add_contributor(contributor=self.contributor, save=True)
self.public_comment = CommentFactory.build(
node=self.public_project, target=self.public_project, user=self.contributor
)
self.public_comment.reports = self.public_comment.reports or {}
self.public_comment.reports[self.user._id] = {
"category": "spam",
"text": "This is spam",
"date": datetime.utcnow(),
"retracted": False,
}
self.public_comment.save()
self.public_url = "/{}comments/{}/reports/".format(API_BASE, self.public_comment._id)
def test_public_node_non_contributor_reporter_can_view_report(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = comment.reports or {}
comment.reports[self.non_contributor._id] = {
'category': 'spam',
'text': 'This is spam.'
}
comment.save()
url = '/{}comments/{}/reports/'.format(API_BASE, comment._id)
res = self.app.get(url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
report_json = res.json['data']
report_ids = [report['id'] for report in report_json]
assert_equal(len(report_json), 1)
assert_in(self.non_contributor._id, report_ids)
def test_private_node_logged_out_user_cannot_undelete_comment(self):
self._set_up_private_project_with_comment()
comment = CommentFactory.build(node=self.private_project, target=self.private_project, user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, expect_errors=True)
assert_equal(res.status_code, 401)
def test_private_node_logged_out_user_cannot_undelete_comment(self):
self._set_up_private_project_with_comment()
comment = CommentFactory.build(node=self.private_project, target=self.private_project, user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, expect_errors=True)
assert_equal(res.status_code, 401)
def test_private_node_logged_out_user_cannot_undelete_file_comment(self):
self._set_up_private_project_with_file_comment()
comment = CommentFactory.build(node=self.private_project, target=self.file.get_guid(), user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
def test_public_node_logged_in_non_contributor_reporter_can_delete_report_detail(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = {self.non_contributor._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.non_contributor._id)
payload = {
'data': {
'id': self.non_contributor._id,
'type': 'comment_reports',
'attributes': {
'category': 'spam',
'message': 'Spam is delicious.'
}
}
}
res = self.app.delete_json_api(url, payload, auth=self.non_contributor.auth)
assert_equal(res.status_code, 204)
def test_private_node_non_contributor_cannot_undelete_file_comment(self):
self._set_up_private_project_with_file_comment()
comment = CommentFactory.build(node=self.private_project, target=self.file, user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_private_node_only_logged_in_contributor_commenter_can_undelete_comment(self):
self._set_up_private_project_with_comment()
comment = CommentFactory.build(node=self.private_project, target=self.private_project, user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_false(res.json['data']['attributes']['deleted'])
assert_equal(res.json['data']['attributes']['content'], comment.content)
def test_private_node_only_logged_in_contributor_commenter_can_undelete_file_comment(self):
self._set_up_private_project_with_file_comment()
comment = CommentFactory.build(node=self.private_project, target=self.file, user=self.user)
comment.is_deleted = True
comment.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = {
'data': {
'id': comment._id,
'type': 'comments',
'attributes': {
'deleted': False
}
}
}
res = self.app.patch_json_api(url, payload, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_false(res.json['data']['attributes']['deleted'])
assert_equal(res.json['data']['attributes']['content'], comment.content)
def test_public_node_logged_in_non_contributor_reporter_can_update_report_detail(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory.build(node=project, user=project.creator)
comment.reports = {self.non_contributor._id: {'category': 'spam', 'text': 'This is spam'}}
comment.save()
url = '/{}comments/{}/reports/{}/'.format(API_BASE, comment._id, self.non_contributor._id)
payload = {
'data': {
'id': self.non_contributor._id,
'type': 'comment_reports',
'attributes': {
'category': 'spam',
'message': 'Spam is delicious.'
}
}
}
res = self.app.put_json_api(url, payload, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['message'], payload['data']['attributes']['message'])
def _set_up_private_project_file_comment_reports(self):
self.private_project = ProjectFactory.create(is_public=False,
creator=self.user)
self.private_project.add_contributor(contributor=self.contributor,
save=True)
self.file = test_utils.create_test_file(self.private_project,
self.user)
self.comment = CommentFactory.build(node=self.private_project,
target=self.file.get_guid(),
user=self.contributor)
self.comment.reports = self.comment.reports or {}
self.comment.reports[self.user._id] = {
'category': 'spam',
'text': 'This is spam',
'date': datetime.utcnow(),
'retracted': False,
}
self.comment.save()
self.private_url = '/{}comments/{}/reports/'.format(
API_BASE, self.comment._id)
