def test_new_draft_registration_on_registration(self): target = RegistrationFactory(user=self.user) payload = { 'schema_name': self.meta_schema.name, 'schema_version': self.meta_schema.schema_version } url = target.web_url_for('new_draft_registration') res = self.app.post(url, payload, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, http.FORBIDDEN)
def test_is_public_node_register_page(self): self.node.is_public = True self.node.save() reg = RegistrationFactory(project=self.node) reg.is_public = True reg.save() url = reg.web_url_for('node_register_page') res = self.app.get(url, auth=None) assert_equal(res.status_code, http.OK)
def test_non_admin_can_view_node_register_page(self): non_admin = AuthUserFactory() self.node.add_contributor(non_admin, permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, auth=self.auth, save=True) reg = RegistrationFactory(project=self.node) url = reg.web_url_for('node_register_page') res = self.app.get(url, auth=non_admin.auth) assert_equal(res.status_code, http.OK)
def test_non_admin_can_view_node_register_page(self): non_admin = AuthUserFactory() self.node.add_contributor( non_admin, permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS, auth=self.auth, save=True ) reg = RegistrationFactory(project=self.node) url = reg.web_url_for('node_register_page') res = self.app.get(url, auth=non_admin.auth) assert_equal(res.status_code, http.OK)
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) registration.save() assert_true(registration.is_pending_embargo) rejection_token = registration.embargo.approval_state[self.user._id]["rejection_token"] res = self.app.get(registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.REJECTED) assert_false(registration.is_pending_embargo) assert_equal(res.status_code, 302)
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) registration.save() assert_true(registration.is_pending_embargo) rejection_token = registration.embargo.approval_state[ self.user._id]['rejection_token'] res = self.app.get( registration.web_url_for('view_project', token=rejection_token), auth=self.user.auth, ) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.REJECTED) assert_false(registration.is_pending_embargo) assert_equal(res.status_code, 302)
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) registration.save() assert_true(registration.pending_embargo) disapproval_token = registration.embargo.approval_state[self.user._id]['disapproval_token'] res = self.app.get( registration.web_url_for('node_registration_embargo_disapprove', token=disapproval_token), auth=self.user.auth, ) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.CANCELLED) assert_false(registration.embargo_end_date) assert_false(registration.pending_embargo) assert_equal(res.status_code, 302) assert_true(project._id in res.location)
class RegistrationEmbargoViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoViewsTestCase, self).setUp() ensure_schemas() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user) self.registration = RegistrationFactory(project=self.project, creator=self.user) current_month = datetime.datetime.now().strftime("%B") current_year = datetime.datetime.now().strftime("%Y") self.valid_make_public_payload = json.dumps({ u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format(month=current_month, year=current_year), u'registrationChoice': 'immediate', u'summary': unicode(fake.sentence()) }) valid_date = datetime.datetime.now() + datetime.timedelta(days=180) self.valid_embargo_payload = json.dumps({ u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT', u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) self.invalid_embargo_date_payload = json.dumps({ u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format( month=current_month, year=str(int(current_year) - 1)), u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_make_public_immediately_creates_registration_approval( self, mock_enqueue): res = self.app.post(self.project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth) assert_equal(res.status_code, 201) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_not_equal(registration.registration_approval, None) # Regression test for https://openscience.atlassian.net/browse/OSF-5039 @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project( self, mock_enqueue): public_project = ProjectFactory(is_public=True, creator=self.user) component = NodeFactory(creator=self.user, parent=public_project, title='Component', is_public=True) subproject = ProjectFactory(creator=self.user, parent=public_project, title='Subproject', is_public=True) subproject_component = NodeFactory(creator=self.user, parent=subproject, title='Subcomponent', is_public=True) res = self.app.post(public_project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth) public_project.reload() assert_equal(res.status_code, 201) # Last node directly registered from self.project registration = Node.load(public_project.node__registrations[-1]) assert_true(registration.is_registration) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_make_public_does_not_make_children_public( self, mock_enqueue): component = NodeFactory(creator=self.user, parent=self.project, title='Component') subproject = ProjectFactory(creator=self.user, parent=self.project, title='Subproject') subproject_component = NodeFactory(creator=self.user, parent=subproject, title='Subcomponent') res = self.app.post(self.project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth) self.project.reload() # Last node directly registered from self.project registration = Node.load(self.project.node__registrations[-1]) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_embargo_is_not_public(self, mock_enqueue): res = self.app.post(self.project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth) assert_equal(res.status_code, 201) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) # Regression test for https://openscience.atlassian.net/browse/OSF-5071 @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_embargo_does_not_make_project_or_children_public( self, mock_enqueue): public_project = ProjectFactory(creator=self.user, is_public=True) component = NodeFactory(creator=self.user, parent=public_project, title='Component', is_public=True) subproject = ProjectFactory(creator=self.user, parent=public_project, title='Subproject', is_public=True) subproject_component = NodeFactory(creator=self.user, parent=subproject, title='Subcomponent', is_public=True) res = self.app.post(public_project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth) public_project.reload() assert_equal(res.status_code, 201) # Last node directly registered from self.project registration = Node.load(public_project.node__registrations[-1]) assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request( self, mock_enqueue): res = self.app.post(self.project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.invalid_embargo_date_payload, content_type='application/json', auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) @mock.patch('framework.tasks.handlers.enqueue_task') def test_valid_POST_embargo_adds_to_parent_projects_log( self, mock_enquque): initial_project_logs = len(self.project.logs) res = self.app.post(self.project.api_url_for( 'node_register_template_page_post', template=u'Open-Ended_Registration'), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth) self.project.reload() # Logs: Created, registered, embargo initiated assert_equal(len(self.project.logs), initial_project_logs + 1) def test_non_contributor_GET_approval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[ self.user._id]['approval_token'] approval_url = self.registration.web_url_for('view_project', token=approval_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date) def test_non_contributor_GET_disapproval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[ self.user._id]['rejection_token'] approval_url = self.registration.web_url_for('view_project', token=rejection_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.registration = RegistrationFactory(creator=self.user) # node_registration_embargo_approve tests def test_GET_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=unauthorized_user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request( self): assert_false(self.registration.is_pending_embargo) res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[ admin2._id]['approval_token'] res = self.app.get(self.registration.web_url_for( 'view_project', token=wrong_approval_token), auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[ admin2._id]['approval_token'] res = self.app.get(self.registration.web_url_for( 'view_project', token=wrong_approval_token), auth=self.user.auth, expect_errors=True) assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) @mock.patch('flask.redirect') def test_GET_approve_with_valid_token_redirects(self, mock_redirect): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[ self.user._id]['approval_token'] self.app.get( self.registration.web_url_for('view_project', token=approval_token), auth=self.user.auth, ) self.registration.embargo.reload() assert_true(self.registration.embargo_end_date) assert_false(self.registration.is_pending_embargo) assert_true( mock_redirect.called_with( self.registration.web_url_for('view_project'))) def test_GET_from_unauthorized_user_returns_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=unauthorized_user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self): assert_false(self.registration.is_pending_embargo) res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) res = self.app.get(self.registration.web_url_for('view_project', token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True) self.registration.embargo.reload() assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request( self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_rejection_token = self.registration.embargo.approval_state[ admin2._id]['rejection_token'] res = self.app.get(self.registration.web_url_for( 'view_project', token=wrong_rejection_token), auth=self.user.auth, expect_errors=True) assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) registration.save() assert_true(registration.is_pending_embargo) rejection_token = registration.embargo.approval_state[ self.user._id]['rejection_token'] res = self.app.get( registration.web_url_for('view_project', token=rejection_token), auth=self.user.auth, ) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.REJECTED) assert_false(registration.is_pending_embargo) assert_equal(res.status_code, 302) @mock.patch('flask.redirect') def test_GET_disapprove_for_existing_registration_with_valid_token_redirects_to_registration( self, mock_redirect): self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[ self.user._id]['rejection_token'] res = self.app.get( self.registration.web_url_for('view_project', token=rejection_token), auth=self.user.auth, ) self.registration.embargo.reload() assert_equal(self.registration.embargo.state, Embargo.REJECTED) assert_false(self.registration.is_pending_embargo) assert_true( mock_redirect.called_with( self.registration.web_url_for('view_project')))
class RegistrationEmbargoViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoViewsTestCase, self).setUp() ensure_schemas() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user) self.registration = RegistrationFactory(project=self.project, creator=self.user) current_month = datetime.datetime.now().strftime("%B") current_year = datetime.datetime.now().strftime("%Y") self.valid_make_public_payload = json.dumps( { u"embargoEndDate": u"Fri, 01, {month} {year} 00:00:00 GMT".format( month=current_month, year=current_year ), u"registrationChoice": "immediate", u"summary": unicode(fake.sentence()), } ) valid_date = datetime.datetime.now() + datetime.timedelta(days=180) self.valid_embargo_payload = json.dumps( { u"embargoEndDate": unicode(valid_date.strftime("%a, %d, %B %Y %H:%M:%S")) + u" GMT", u"registrationChoice": "embargo", u"summary": unicode(fake.sentence()), } ) self.invalid_embargo_date_payload = json.dumps( { u"embargoEndDate": u"Thu, 01 {month} {year} 05:00:00 GMT".format( month=current_month, year=str(int(current_year) - 1) ), u"registrationChoice": "embargo", u"summary": unicode(fake.sentence()), } ) @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_register_make_public_immediately_creates_registration_approval(self, mock_enqueue): res = self.app.post( self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_make_public_payload, content_type="application/json", auth=self.user.auth, ) assert_equal(res.status_code, 201) registration = Node.find().sort("-registered_date")[0] assert_true(registration.is_registration) assert_not_equal(registration.registration_approval, None) # Regression test for https://openscience.atlassian.net/browse/OSF-5039 @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project( self, mock_enqueue ): public_project = ProjectFactory(is_public=True, creator=self.user) component = NodeFactory(creator=self.user, parent=public_project, title="Component", is_public=True) subproject = ProjectFactory(creator=self.user, parent=public_project, title="Subproject", is_public=True) subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent", is_public=True) res = self.app.post( public_project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_make_public_payload, content_type="application/json", auth=self.user.auth, ) public_project.reload() assert_equal(res.status_code, 201) # Last node directly registered from self.project registration = Node.load(public_project.node__registrations[-1]) assert_true(registration.is_registration) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue): component = NodeFactory(creator=self.user, parent=self.project, title="Component") subproject = ProjectFactory(creator=self.user, parent=self.project, title="Subproject") subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent") res = self.app.post( self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_make_public_payload, content_type="application/json", auth=self.user.auth, ) self.project.reload() # Last node directly registered from self.project registration = Node.load(self.project.node__registrations[-1]) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_register_embargo_is_not_public(self, mock_enqueue): res = self.app.post( self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_embargo_payload, content_type="application/json", auth=self.user.auth, ) assert_equal(res.status_code, 201) registration = Node.find().sort("-registered_date")[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) # Regression test for https://openscience.atlassian.net/browse/OSF-5071 @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue): public_project = ProjectFactory(creator=self.user, is_public=True) component = NodeFactory(creator=self.user, parent=public_project, title="Component", is_public=True) subproject = ProjectFactory(creator=self.user, parent=public_project, title="Subproject", is_public=True) subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent", is_public=True) res = self.app.post( public_project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_embargo_payload, content_type="application/json", auth=self.user.auth, ) public_project.reload() assert_equal(res.status_code, 201) # Last node directly registered from self.project registration = Node.load(public_project.node__registrations[-1]) assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch("framework.tasks.handlers.enqueue_task") def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue): res = self.app.post( self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.invalid_embargo_date_payload, content_type="application/json", auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, 400) @mock.patch("framework.tasks.handlers.enqueue_task") def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque): initial_project_logs = len(self.project.logs) res = self.app.post( self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"), self.valid_embargo_payload, content_type="application/json", auth=self.user.auth, ) self.project.reload() # Logs: Created, registered, embargo initiated assert_equal(len(self.project.logs), initial_project_logs + 1) def test_non_contributor_GET_approval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"] approval_url = self.registration.web_url_for("view_project", token=approval_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date) def test_non_contributor_GET_disapproval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"] approval_url = self.registration.web_url_for("view_project", token=rejection_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.registration = RegistrationFactory(creator=self.user) # node_registration_embargo_approve tests def test_GET_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=unauthorized_user.auth, expect_errors=True, ) assert_equal(res.status_code, 403) def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(self): assert_false(self.registration.is_pending_embargo) res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, "admin", save=True) self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[admin2._id]["approval_token"] res = self.app.get( self.registration.web_url_for("view_project", token=wrong_approval_token), auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, "admin", save=True) self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[admin2._id]["approval_token"] res = self.app.get( self.registration.web_url_for("view_project", token=wrong_approval_token), auth=self.user.auth, expect_errors=True, ) assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) @mock.patch("flask.redirect") def test_GET_approve_with_valid_token_redirects(self, mock_redirect): self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"] self.app.get(self.registration.web_url_for("view_project", token=approval_token), auth=self.user.auth) self.registration.embargo.reload() assert_true(self.registration.embargo_end_date) assert_false(self.registration.is_pending_embargo) assert_true(mock_redirect.called_with(self.registration.web_url_for("view_project"))) def test_GET_from_unauthorized_user_returns_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=unauthorized_user.auth, expect_errors=True, ) assert_equal(res.status_code, 403) def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self): assert_false(self.registration.is_pending_embargo) res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) res = self.app.get( self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True ) self.registration.embargo.reload() assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, "admin", save=True) self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) self.registration.save() assert_true(self.registration.is_pending_embargo) wrong_rejection_token = self.registration.embargo.approval_state[admin2._id]["rejection_token"] res = self.app.get( self.registration.web_url_for("view_project", token=wrong_rejection_token), auth=self.user.auth, expect_errors=True, ) assert_true(self.registration.is_pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10)) registration.save() assert_true(registration.is_pending_embargo) rejection_token = registration.embargo.approval_state[self.user._id]["rejection_token"] res = self.app.get(registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.REJECTED) assert_false(registration.is_pending_embargo) assert_equal(res.status_code, 302) @mock.patch("flask.redirect") def test_GET_disapprove_for_existing_registration_with_valid_token_redirects_to_registration(self, mock_redirect): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True ) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"] res = self.app.get(self.registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth) self.registration.embargo.reload() assert_equal(self.registration.embargo.state, Embargo.REJECTED) assert_false(self.registration.is_pending_embargo) assert_true(mock_redirect.called_with(self.registration.web_url_for("view_project")))
class RegistrationEmbargoViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoViewsTestCase, self).setUp() ensure_schemas() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user) self.draft = DraftRegistrationFactory(branched_from=self.project) self.registration = RegistrationFactory(project=self.project, creator=self.user) current_month = datetime.datetime.now().strftime("%B") current_year = datetime.datetime.now().strftime("%Y") self.valid_make_public_payload = json.dumps({ u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format( month=current_month, year=current_year ), u'registrationChoice': 'immediate', u'summary': unicode(fake.sentence()) }) valid_date = datetime.datetime.now() + datetime.timedelta(days=180) self.valid_embargo_payload = json.dumps({ u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT', u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) self.invalid_embargo_date_payload = json.dumps({ u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format( month=current_month, year=str(int(current_year)-1) ), u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) @mock.patch('framework.tasks.handlers.enqueue_task') def test_register_draft_without_embargo_creates_registration_approval(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) assert_equal(res.status_code, 202) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_not_equal(registration.registration_approval, None) # Regression test for https://openscience.atlassian.net/browse/OSF-5039 @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(self, mock_enqueue): self.project.is_public = True self.project.save() component = NodeFactory( creator=self.user, parent=self.project, title='Component', is_public=True ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject', is_public=True ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent', is_public=True ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() assert_equal(res.status_code, 202) assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations')) # Last node directly registered from self.project registration = Node.find( Q('registered_from', 'eq', self.project) ).sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue): component = NodeFactory( creator=self.user, parent=self.project, title='Component' ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject' ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent' ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() # Last node directly registered from self.project registration = Node.load(self.project.node__registrations[-1]) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_embargo_is_not_public(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) assert_equal(res.status_code, 202) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) # Regression test for https://openscience.atlassian.net/browse/OSF-5071 @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue): self.project.is_public = True self.project.save() component = NodeFactory( creator=self.user, parent=self.project, title='Component', is_public=True ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject', is_public=True ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent', is_public=True ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() assert_equal(res.status_code, 202) assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations')) # Last node directly registered from self.project registration = Node.find( Q('registered_from', 'eq', self.project) ).sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.tasks.handlers.enqueue_task') def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.invalid_embargo_date_payload, content_type='application/json', auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) @mock.patch('framework.tasks.handlers.enqueue_task') def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque): initial_project_logs = len(self.project.logs) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() # Logs: Created, registered, embargo initiated assert_equal(len(self.project.logs), initial_project_logs + 1) def test_non_contributor_GET_approval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token'] approval_url = self.registration.web_url_for('view_project', token=approval_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date) def test_non_contributor_GET_disapproval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token'] approval_url = self.registration.web_url_for('view_project', token=rejection_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.registration = RegistrationFactory(creator=self.user) # node_registration_embargo_approve tests def test_GET_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, 403) def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(self): assert_false(self.registration.pending_embargo) res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=fake.sentence()), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=fake.sentence()), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token'] res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=wrong_approval_token), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) wrong_approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token'] res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=wrong_approval_token), auth=self.user.auth, expect_errors=True ) assert_true(self.registration.pending_embargo) assert_equal(res.status_code, 400) def test_GET_approve_with_valid_token_returns_redirect(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token'] res = self.app.get( self.registration.web_url_for('node_registration_embargo_approve', token=approval_token), auth=self.user.auth, ) self.registration.embargo.reload() assert_true(self.registration.embargo_end_date) assert_false(self.registration.pending_embargo) assert_equal(res.status_code, 302) # node_registration_embargo_disapprove tests def test_GET_from_unauthorized_user_returns_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('node_registration_embargo_disapprove', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, 403) def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self): assert_false(self.registration.pending_embargo) res = self.app.get( self.registration.web_url_for('node_registration_embargo_disapprove', token=fake.sentence()), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) res = self.app.get( self.registration.web_url_for('node_registration_embargo_disapprove', token=fake.sentence()), auth=self.user.auth, expect_errors=True ) self.registration.embargo.reload() assert_true(self.registration.pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self): admin2 = UserFactory() self.registration.contributors.append(admin2) self.registration.add_permission(admin2, 'admin', save=True) self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.pending_embargo) wrong_disapproval_token = self.registration.embargo.approval_state[admin2._id]['disapproval_token'] res = self.app.get( self.registration.web_url_for('node_registration_embargo_disapprove', token=wrong_disapproval_token), auth=self.user.auth, expect_errors=True ) assert_true(self.registration.pending_embargo) assert_equal(res.status_code, 400) def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self): project = ProjectFactory(creator=self.user) registration = RegistrationFactory(project=project) registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) registration.save() assert_true(registration.pending_embargo) disapproval_token = registration.embargo.approval_state[self.user._id]['disapproval_token'] res = self.app.get( registration.web_url_for('node_registration_embargo_disapprove', token=disapproval_token), auth=self.user.auth, ) registration.embargo.reload() assert_equal(registration.embargo.state, Embargo.CANCELLED) assert_false(registration.embargo_end_date) assert_false(registration.pending_embargo) assert_equal(res.status_code, 302) assert_true(project._id in res.location) def test_GET_disapprove_for_existing_registration_with_valid_token_returns_redirect_to_registration(self): self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True ) self.registration.save() assert_true(self.registration.pending_embargo) disapproval_token = self.registration.embargo.approval_state[self.user._id]['disapproval_token'] res = self.app.get( self.registration.web_url_for('node_registration_embargo_disapprove', token=disapproval_token), auth=self.user.auth, ) self.registration.embargo.reload() assert_equal(self.registration.embargo.state, Embargo.CANCELLED) assert_false(self.registration.embargo_end_date) assert_false(self.registration.pending_embargo) assert_equal(res.status_code, 302) assert_true(self.registration._id in res.location)
class RegistrationRetractionApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.registered_from = ProjectFactory(is_public=True, creator=self.user) self.registration = RegistrationFactory(is_public=True, project=self.registered_from) self.registration.retract_registration(self.user) self.registration.save() self.approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token'] self.rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token'] self.corrupt_token = fake.sentence() self.token_without_sanction = tokens.encode({ 'action': 'approve_retraction', 'user_id': self.user._id, 'sanction_id': 'invalid id' }) # node_registration_retraction_approve_tests def test_GET_approve_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('view_project', token=self.approval_token), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, http.UNAUTHORIZED) def test_GET_approve_registration_without_retraction_returns_HTTPError_BAD_REQUEST(self): assert_true(self.registration.is_pending_retraction) self.registration.retraction.reject(self.user, self.rejection_token) assert_false(self.registration.is_pending_retraction) self.registration.retraction.save() res = self.app.get( self.registration.web_url_for('view_project', token=self.approval_token), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, http.BAD_REQUEST) def test_GET_approve_with_invalid_token_returns_HTTPError_BAD_REQUEST(self): res = self.app.get( self.registration.web_url_for('view_project', token=self.corrupt_token), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, http.BAD_REQUEST) def test_GET_approve_with_non_existant_sanction_returns_HTTPError_BAD_REQUEST(self): res = self.app.get( self.registration.web_url_for('view_project', token=self.token_without_sanction), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, http.BAD_REQUEST) def test_GET_approve_with_valid_token_returns_200(self): res = self.app.get( self.registration.web_url_for('view_project', token=self.approval_token), auth=self.user.auth ) self.registration.retraction.reload() assert_true(self.registration.is_retracted) assert_false(self.registration.is_pending_retraction) assert_equal(res.status_code, http.OK) # node_registration_retraction_disapprove_tests def test_GET_disapprove_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('view_project', token=self.rejection_token), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, http.UNAUTHORIZED) def test_GET_disapprove_registration_without_retraction_returns_HTTPError_BAD_REQUEST(self): assert_true(self.registration.is_pending_retraction) self.registration.retraction.reject(self.user, self.rejection_token) assert_false(self.registration.is_pending_retraction) self.registration.retraction.save() res = self.app.get( self.registration.web_url_for('view_project', token=self.rejection_token), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, http.BAD_REQUEST) def test_GET_disapprove_with_invalid_token_HTTPError_BAD_REQUEST(self): res = self.app.get( self.registration.web_url_for('view_project', token=self.corrupt_token), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, http.BAD_REQUEST) def test_GET_disapprove_with_valid_token_returns_redirect(self): res = self.app.get( self.registration.web_url_for('view_project', token=self.rejection_token), auth=self.user.auth, ) self.registration.retraction.reload() assert_false(self.registration.is_retracted) assert_false(self.registration.is_pending_retraction) assert_true(self.registration.retraction.is_rejected) assert_equal(res.status_code, http.OK)
class RegistrationRetractionViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionViewsTestCase, self).setUp() self.user = AuthUserFactory() self.auth = self.user.auth self.registration = RegistrationFactory(creator=self.user, is_public=True) self.retraction_post_url = self.registration.api_url_for( 'node_registration_retraction_post') self.retraction_get_url = self.registration.web_url_for( 'node_registration_retraction_get') self.justification = fake.sentence() def test_GET_retraction_page_when_pending_retraction_returns_HTTPBad_Request( self): self.registration.retract_registration(self.user) self.registration.save() res = self.app.get( self.retraction_get_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) def test_POST_retraction_to_private_registration_returns_HTTPBad_request( self): self.registration.is_public = False self.registration.save() res = self.app.post_json( self.retraction_post_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) self.registration.reload() assert_is_none(self.registration.retraction) # https://trello.com/c/bYyt6nYT/89-clicking-retract-registration-with-unregistered-users-as-project-admins-gives-500-error @mock.patch('website.project.views.register.mails.send_mail') def test_POST_retraction_does_not_send_email_to_unregistered_admins( self, mock_send_mail): unreg = UnregUserFactory() self.registration.add_contributor(unreg, auth=Auth(self.user), permissions=('read', 'write', 'admin')) self.registration.save() self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) # Only the creator gets an email; the unreg user does not get emailed assert_equal(mock_send_mail.call_count, 1) def test_POST_pending_embargo_returns_HTTPBad_request(self): self.registration.embargo_registration( self.user, (datetime.datetime.utcnow() + datetime.timedelta(days=10)), for_existing_registration=True) self.registration.save() assert_true(self.registration.pending_embargo) res = self.app.post_json( self.retraction_post_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) self.registration.reload() assert_is_none(self.registration.retraction) def test_POST_retraction_by_non_admin_retract_HTTPUnauthorized(self): res = self.app.post_json(self.retraction_post_url, expect_errors=True) assert_equals(res.status_code, 401) self.registration.reload() assert_is_none(self.registration.retraction) def test_POST_retraction_without_justification_returns_HTTPOK(self): res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) assert_equal(res.status_code, 200) self.registration.reload() assert_false(self.registration.retraction.is_retracted) assert_equal(self.registration.retraction.state, Retraction.PENDING) assert_is_none(self.registration.retraction.justification) def test_valid_POST_retraction_adds_to_parent_projects_log(self): initial_project_logs = len(self.registration.registered_from.logs) self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) self.registration.registered_from.reload() # Logs: Created, registered, retraction initiated assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 1)
class TestIdentifierViews(OsfTestCase): def setUp(self): super(TestIdentifierViews, self).setUp() self.user = AuthUserFactory() self.node = RegistrationFactory(creator=self.user, is_public=True) def test_get_identifiers(self): self.node.set_identifier_value('doi', 'FK424601') self.node.set_identifier_value('ark', 'fk224601') res = self.app.get(self.node.api_url_for('node_identifiers_get')) assert_equal(res.json['doi'], 'FK424601') assert_equal(res.json['ark'], 'fk224601') @httpretty.activate def test_create_identifiers_not_exists(self): identifier = self.node._id url = furl.furl('https://ezid.cdlib.org/id') doi = settings.EZID_FORMAT.format(namespace=settings.DOI_NAMESPACE, guid=identifier) url.path.segments.append(doi) httpretty.register_uri( httpretty.PUT, url.url, body=to_anvl({ 'success': '{doi}osf.io/{ident} | {ark}osf.io/{ident}'.format( doi=settings.DOI_NAMESPACE, ark=settings.ARK_NAMESPACE, ident=identifier, ), }), status=201, priority=1, ) res = self.app.post( self.node.api_url_for('node_identifiers_post'), auth=self.user.auth, ) self.node.reload() assert_equal( res.json['doi'], self.node.get_identifier_value('doi') ) assert_equal( res.json['ark'], self.node.get_identifier_value('ark') ) assert_equal(res.status_code, 201) @httpretty.activate def test_create_identifiers_exists(self): identifier = self.node._id doi = settings.EZID_FORMAT.format(namespace=settings.DOI_NAMESPACE, guid=identifier) url = furl.furl('https://ezid.cdlib.org/id') url.path.segments.append(doi) httpretty.register_uri( httpretty.PUT, url.url, body='identifier already exists', status=400, ) httpretty.register_uri( httpretty.GET, url.url, body=to_anvl({ 'success': doi, }), status=200, ) res = self.app.post( self.node.api_url_for('node_identifiers_post'), auth=self.user.auth, ) self.node.reload() assert_equal( res.json['doi'], self.node.get_identifier_value('doi') ) assert_equal( res.json['ark'], self.node.get_identifier_value('ark') ) assert_equal(res.status_code, 201) def test_get_by_identifier(self): self.node.set_identifier_value('doi', 'FK424601') self.node.set_identifier_value('ark', 'fk224601') res_doi = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='doi', value=self.node.get_identifier_value('doi'), ), ) assert_equal(res_doi.status_code, 302) assert_urls_equal(res_doi.headers['Location'], self.node.absolute_url) res_ark = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='ark', value=self.node.get_identifier_value('ark'), ), ) assert_equal(res_ark.status_code, 302) assert_urls_equal(res_ark.headers['Location'], self.node.absolute_url) def test_get_by_identifier_not_found(self): self.node.set_identifier_value('doi', 'FK424601') res = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='doi', value='fakedoi', ), expect_errors=True, ) assert_equal(res.status_code, 404)
class RegistrationRetractionApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.auth = self.user.auth self.registration = RegistrationFactory(is_public=True, creator=self.user) # node_registration_retraction_approve_tests def test_GET_approve_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('node_registration_retraction_approve', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, 403) def test_GET_approve_registration_without_retraction_returns_HTTPBad_Request(self): assert_false(self.registration.pending_retraction) res = self.app.get( self.registration.web_url_for('node_registration_retraction_approve', token=fake.sentence()), auth=self.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) res = self.app.get( self.registration.web_url_for('node_registration_retraction_approve', token=fake.sentence()), auth=self.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_approve_with_valid_token_returns_redirect(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token'] res = self.app.get( self.registration.web_url_for('node_registration_retraction_approve', token=approval_token), auth=self.auth ) self.registration.retraction.reload() assert_true(self.registration.is_retracted) assert_false(self.registration.pending_retraction) assert_equal(res.status_code, 302) def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self): user2 = AuthUserFactory() self.registration.contributors.append(user2) self.registration.add_permission(user2, 'admin', save=True) self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) assert_equal(len(self.registration.retraction.approval_state), 2) wrong_approval_token = self.registration.retraction.approval_state[user2._id]['approval_token'] res = self.app.get( self.registration.web_url_for('node_registration_retraction_approve', token=wrong_approval_token), auth=self.auth, expect_errors=True ) assert_true(self.registration.pending_retraction) assert_equal(res.status_code, 400) # node_registration_retraction_disapprove_tests def test_GET_disapprove_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get( self.registration.web_url_for('node_registration_retraction_disapprove', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True ) assert_equal(res.status_code, 403) def test_GET_disapprove_registration_without_retraction_returns_HTTPBad_Request(self): assert_false(self.registration.pending_retraction) res = self.app.get( self.registration.web_url_for('node_registration_retraction_disapprove', token=fake.sentence()), auth=self.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) res = self.app.get( self.registration.web_url_for('node_registration_retraction_disapprove', token=fake.sentence()), auth=self.auth, expect_errors=True ) assert_equal(res.status_code, 400) def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self): user2 = AuthUserFactory() self.registration.contributors.append(user2) self.registration.add_permission(user2, 'admin', save=True) self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) assert_equal(len(self.registration.retraction.approval_state), 2) wrong_disapproval_token = self.registration.retraction.approval_state[user2._id]['disapproval_token'] res = self.app.get( self.registration.web_url_for('node_registration_retraction_disapprove', token=wrong_disapproval_token), auth=self.auth, expect_errors=True ) assert_true(self.registration.pending_retraction) assert_equal(res.status_code, 400) def test_GET_disapprove_with_valid_token_returns_redirect(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) disapproval_token = self.registration.retraction.approval_state[self.user._id]['disapproval_token'] res = self.app.get( self.registration.web_url_for('node_registration_retraction_disapprove', token=disapproval_token), auth=self.auth, ) self.registration.retraction.reload() assert_false(self.registration.is_retracted) assert_false(self.registration.pending_retraction) assert_equal(self.registration.retraction.state, Retraction.CANCELLED) assert_equal(res.status_code, 302)
class TestIdentifierViews(OsfTestCase): def setUp(self): super(TestIdentifierViews, self).setUp() self.user = AuthUserFactory() self.node = RegistrationFactory(creator=self.user, is_public=True) def test_get_identifiers(self): self.node.set_identifier_value('doi', 'FK424601') self.node.set_identifier_value('ark', 'fk224601') res = self.app.get(self.node.api_url_for('node_identifiers_get')) assert_equal(res.json['doi'], 'FK424601') assert_equal(res.json['ark'], 'fk224601') def test_create_identifiers_not_exists(self): identifier = self.node._id url = furl.furl('https://ezid.cdlib.org/id') doi = settings.EZID_FORMAT.format(namespace=settings.DOI_NAMESPACE, guid=identifier) url.path.segments.append(doi) httpretty.register_uri( httpretty.PUT, url.url, body=to_anvl({ 'success': '{doi}osf.io/{ident} | {ark}osf.io/{ident}'.format( doi=settings.DOI_NAMESPACE, ark=settings.ARK_NAMESPACE, ident=identifier, ), }), status=201, priority=1, ) res = self.app.post( self.node.api_url_for('node_identifiers_post'), auth=self.user.auth, ) self.node.reload() assert_equal(res.json['doi'], self.node.get_identifier_value('doi')) assert_equal(res.json['ark'], self.node.get_identifier_value('ark')) assert_equal(res.status_code, 201) def test_create_identifiers_exists(self): identifier = self.node._id doi = settings.EZID_FORMAT.format(namespace=settings.DOI_NAMESPACE, guid=identifier) url = furl.furl('https://ezid.cdlib.org/id') url.path.segments.append(doi) httpretty.register_uri( httpretty.PUT, url.url, body='identifier already exists', status=400, ) httpretty.register_uri( httpretty.GET, url.url, body=to_anvl({ 'success': doi, }), status=200, ) res = self.app.post( self.node.api_url_for('node_identifiers_post'), auth=self.user.auth, ) self.node.reload() assert_equal(res.json['doi'], self.node.get_identifier_value('doi')) assert_equal(res.json['ark'], self.node.get_identifier_value('ark')) assert_equal(res.status_code, 201) def test_get_by_identifier(self): self.node.set_identifier_value('doi', 'FK424601') self.node.set_identifier_value('ark', 'fk224601') res_doi = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='doi', value=self.node.get_identifier_value('doi'), ), ) assert_equal(res_doi.status_code, 302) assert_urls_equal(res_doi.headers['Location'], self.node.absolute_url) res_ark = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='ark', value=self.node.get_identifier_value('ark'), ), ) assert_equal(res_ark.status_code, 302) assert_urls_equal(res_ark.headers['Location'], self.node.absolute_url) def test_get_by_identifier_not_found(self): self.node.set_identifier_value('doi', 'FK424601') res = self.app.get( self.node.web_url_for( 'get_referent_by_identifier', category='doi', value='fakedoi', ), expect_errors=True, ) assert_equal(res.status_code, 404)
class RegistrationEmbargoViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationEmbargoViewsTestCase, self).setUp() ensure_schemas() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user) self.draft = DraftRegistrationFactory(branched_from=self.project) self.registration = RegistrationFactory(project=self.project, creator=self.user) current_month = datetime.datetime.now().strftime("%B") current_year = datetime.datetime.now().strftime("%Y") self.valid_make_public_payload = json.dumps({ u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format( month=current_month, year=current_year ), u'registrationChoice': 'immediate', u'summary': unicode(fake.sentence()) }) valid_date = datetime.datetime.now() + datetime.timedelta(days=180) self.valid_embargo_payload = json.dumps({ u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT', u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) self.invalid_embargo_date_payload = json.dumps({ u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format( month=current_month, year=str(int(current_year)-1) ), u'registrationChoice': 'embargo', u'summary': unicode(fake.sentence()) }) @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_register_draft_without_embargo_creates_registration_approval(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) assert_equal(res.status_code, 202) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_not_equal(registration.registration_approval, None) # Regression test for https://openscience.atlassian.net/browse/OSF-5039 @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(self, mock_enqueue): self.project.is_public = True self.project.save() component = NodeFactory( creator=self.user, parent=self.project, title='Component', is_public=True ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject', is_public=True ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent', is_public=True ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() assert_equal(res.status_code, 202) assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations')) # Last node directly registered from self.project registration = Node.find( Q('registered_from', 'eq', self.project) ).sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue): component = NodeFactory( creator=self.user, parent=self.project, title='Component' ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject' ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent' ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_make_public_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() # Last node directly registered from self.project registration = self.project.registrations_all[-1] assert_false(registration.is_public) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_POST_register_embargo_is_not_public(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) assert_equal(res.status_code, 202) registration = Node.find().sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) # Regression test for https://openscience.atlassian.net/browse/OSF-5071 @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue): self.project.is_public = True self.project.save() component = NodeFactory( creator=self.user, parent=self.project, title='Component', is_public=True ) subproject = ProjectFactory( creator=self.user, parent=self.project, title='Subproject', is_public=True ) subproject_component = NodeFactory( creator=self.user, parent=subproject, title='Subcomponent', is_public=True ) res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() assert_equal(res.status_code, 202) assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations')) # Last node directly registered from self.project registration = Node.find( Q('registered_from', 'eq', self.project) ).sort('-registered_date')[0] assert_true(registration.is_registration) assert_false(registration.is_public) assert_true(registration.is_pending_embargo_for_existing_registration) assert_is_not_none(registration.embargo) for node in registration.get_descendants_recursive(): assert_true(node.is_registration) assert_false(node.is_public) @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue): res = self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.invalid_embargo_date_payload, content_type='application/json', auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) @mock.patch('framework.celery_tasks.handlers.enqueue_task') def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque): initial_project_logs = len(self.project.logs) self.app.post( self.project.api_url_for('register_draft_registration', draft_id=self.draft._id), self.valid_embargo_payload, content_type='application/json', auth=self.user.auth ) self.project.reload() # Logs: Created, registered, embargo initiated assert_equal(len(self.project.logs), initial_project_logs + 1) @mock.patch('website.project.sanctions.TokenApprovableSanction.ask') def test_embargoed_registration_set_privacy_requests_embargo_termination(self, mock_ask): # Initiate and approve embargo for i in range(3): c = AuthUserFactory() self.registration.add_contributor(c, [permissions.ADMIN], auth=Auth(self.user)) self.registration.save() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) for user_id, embargo_tokens in self.registration.embargo.approval_state.iteritems(): approval_token = embargo_tokens['approval_token'] self.registration.embargo.approve_embargo(User.load(user_id), approval_token) self.registration.save() res = self.app.post( self.registration.api_url_for('project_set_privacy', permissions='public'), auth=self.user.auth, ) assert_equal(res.status_code, 200) for reg in self.registration.node_and_primary_descendants(): reg.reload() assert_false(reg.is_public) assert_true(reg.embargo_termination_approval) assert_true(reg.embargo_termination_approval.is_pending_approval) def test_cannot_request_termination_on_component_of_embargo(self): node = ProjectFactory() child = ProjectFactory(parent=node, creator=node.creator) with utils.mock_archive(node, embargo=True, autocomplete=True, autoapprove=True) as reg: with assert_raises(NodeStateError): reg.nodes[0].request_embargo_termination(Auth(node.creator)) @mock.patch('website.mails.send_mail') def test_embargoed_registration_set_privacy_sends_mail(self, mock_send_mail): """ Integration test for https://github.com/CenterForOpenScience/osf.io/pull/5294#issuecomment-212613668 """ # Initiate and approve embargo for i in range(3): c = AuthUserFactory() self.registration.add_contributor(c, [permissions.ADMIN], auth=Auth(self.user)) self.registration.save() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) for user_id, embargo_tokens in self.registration.embargo.approval_state.iteritems(): approval_token = embargo_tokens['approval_token'] self.registration.embargo.approve_embargo(User.load(user_id), approval_token) self.registration.save() res = self.app.post( self.registration.api_url_for('project_set_privacy', permissions='public'), auth=self.user.auth, ) assert_equal(res.status_code, 200) for admin in self.registration.admin_contributors: assert_true(any([c[0][0] == admin.username for c in mock_send_mail.call_args_list])) @mock.patch('website.project.sanctions.TokenApprovableSanction.ask') def test_make_child_embargoed_registration_public_asks_all_admins_in_tree(self, mock_ask): # Initiate and approve embargo node = NodeFactory(creator=self.user) c1 = AuthUserFactory() child = NodeFactory(parent=node, creator=c1) c2 = AuthUserFactory() NodeFactory(parent=child, creator=c2) registration = RegistrationFactory(project=node) registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) for user_id, embargo_tokens in registration.embargo.approval_state.iteritems(): approval_token = embargo_tokens['approval_token'] registration.embargo.approve_embargo(User.load(user_id), approval_token) self.registration.save() res = self.app.post( registration.api_url_for('project_set_privacy', permissions='public'), auth=self.user.auth ) assert_equal(res.status_code, 200) asked_admins = [(admin._id, n._id) for admin, n in mock_ask.call_args[0][0]] for admin, node in registration.get_admin_contributors_recursive(): assert_in((admin._id, node._id), asked_admins) def test_non_contributor_GET_approval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token'] approval_url = self.registration.web_url_for('view_project', token=approval_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_true(self.registration.embargo_end_date) def test_non_contributor_GET_disapproval_returns_HTTPError(self): non_contributor = AuthUserFactory() self.registration.embargo_registration( self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10) ) self.registration.save() assert_true(self.registration.is_pending_embargo) rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token'] approval_url = self.registration.web_url_for('view_project', token=rejection_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(http.FORBIDDEN, res.status_code) assert_true(self.registration.is_pending_embargo) assert_true(self.registration.embargo_end_date)
class RegistrationRetractionViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionViewsTestCase, self).setUp() self.user = AuthUserFactory() self.auth = self.user.auth self.registration = RegistrationFactory(creator=self.user, is_public=True) self.retraction_post_url = self.registration.api_url_for('node_registration_retraction_post') self.retraction_get_url = self.registration.web_url_for('node_registration_retraction_get') self.justification = fake.sentence() def test_GET_retraction_page_when_pending_retraction_returns_HTTPBad_Request(self): self.registration.retract_registration(self.user) self.registration.save() res = self.app.get( self.retraction_get_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) def test_POST_retraction_to_private_registration_returns_HTTPBad_request(self): self.registration.is_public = False self.registration.save() res = self.app.post_json( self.retraction_post_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) self.registration.reload() assert_is_none(self.registration.retraction) # https://trello.com/c/bYyt6nYT/89-clicking-retract-registration-with-unregistered-users-as-project-admins-gives-500-error @mock.patch('website.project.views.register.mails.send_mail') def test_POST_retraction_does_not_send_email_to_unregistered_admins(self, mock_send_mail): unreg = UnregUserFactory() self.registration.add_contributor( unreg, auth=Auth(self.user), permissions=('read', 'write', 'admin') ) self.registration.save() self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) # Only the creator gets an email; the unreg user does not get emailed assert_equal(mock_send_mail.call_count, 1) def test_POST_pending_embargo_returns_HTTPBad_request(self): self.registration.embargo_registration( self.user, (datetime.datetime.utcnow() + datetime.timedelta(days=10)), for_existing_registration=True ) self.registration.save() assert_true(self.registration.pending_embargo) res = self.app.post_json( self.retraction_post_url, auth=self.auth, expect_errors=True, ) assert_equal(res.status_code, 400) self.registration.reload() assert_is_none(self.registration.retraction) def test_POST_retraction_by_non_admin_retract_HTTPUnauthorized(self): res = self.app.post_json(self.retraction_post_url, expect_errors=True) assert_equals(res.status_code, 401) self.registration.reload() assert_is_none(self.registration.retraction) def test_POST_retraction_without_justification_returns_HTTPOK(self): res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) assert_equal(res.status_code, 200) self.registration.reload() assert_false(self.registration.retraction.is_retracted) assert_equal(self.registration.retraction.state, Retraction.PENDING) assert_is_none(self.registration.retraction.justification) def test_valid_POST_retraction_adds_to_parent_projects_log(self): initial_project_logs = len(self.registration.registered_from.logs) self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.auth, ) self.registration.registered_from.reload() # Logs: Created, registered, retraction initiated assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 1)
class RegistrationRetractionViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionViewsTestCase, self).setUp() self.user = AuthUserFactory() self.registered_from = ProjectFactory(creator=self.user, is_public=True) self.registration = RegistrationFactory(project=self.registered_from, is_public=True) self.retraction_post_url = self.registration.api_url_for('node_registration_retraction_post') self.retraction_get_url = self.registration.web_url_for('node_registration_retraction_get') self.justification = fake.sentence() def test_GET_retraction_page_when_pending_retraction_returns_HTTPError_BAD_REQUEST(self): self.registration.retract_registration(self.user) self.registration.save() res = self.app.get( self.retraction_get_url, auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, http.BAD_REQUEST) def test_POST_retraction_to_private_registration_returns_HTTPError_FORBIDDEN(self): self.registration.is_public = False self.registration.save() res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, http.FORBIDDEN) self.registration.reload() assert_is_none(self.registration.retraction) @mock.patch('website.mails.send_mail') def test_POST_retraction_does_not_send_email_to_unregistered_admins(self, mock_send_mail): unreg = UnregUserFactory() self.registration.add_contributor( unreg, auth=Auth(self.user), permissions=['read', 'write', 'admin'] ) self.registration.save() self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, ) # Only the creator gets an email; the unreg user does not get emailed assert_equal(mock_send_mail.call_count, 1) def test_POST_pending_embargo_returns_HTTPError_HTTPOK(self): self.registration.embargo_registration( self.user, (datetime.datetime.utcnow() + datetime.timedelta(days=10)), for_existing_registration=True ) self.registration.save() assert_true(self.registration.is_pending_embargo) res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, http.OK) self.registration.reload() assert_true(self.registration.is_pending_retraction) def test_POST_active_embargo_returns_HTTPOK(self): self.registration.embargo_registration( self.user, (datetime.datetime.utcnow() + datetime.timedelta(days=10)), for_existing_registration=True ) self.registration.save() assert_true(self.registration.is_pending_embargo) approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token'] self.registration.embargo.approve(self.user, approval_token) assert_true(self.registration.embargo_end_date) res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, expect_errors=True, ) assert_equal(res.status_code, http.OK) self.registration.reload() assert_true(self.registration.is_pending_retraction) def test_POST_retraction_by_non_admin_retract_HTTPError_UNAUTHORIZED(self): res = self.app.post_json(self.retraction_post_url, expect_errors=True) assert_equals(res.status_code, http.UNAUTHORIZED) self.registration.reload() assert_is_none(self.registration.retraction) @mock.patch('website.mails.send_mail') def test_POST_retraction_without_justification_returns_HTTPOK(self, mock_send): res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, ) assert_equal(res.status_code, http.OK) self.registration.reload() assert_false(self.registration.is_retracted) assert_true(self.registration.is_pending_retraction) assert_is_none(self.registration.retraction.justification) @mock.patch('website.mails.send_mail') def test_valid_POST_retraction_adds_to_parent_projects_log(self, mock_send): initial_project_logs = len(self.registration.registered_from.logs) self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, ) self.registration.registered_from.reload() # Logs: Created, registered, retraction initiated assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 1) @mock.patch('website.mails.send_mail') def test_valid_POST_retraction_when_pending_retraction_raises_400(self, mock_send): self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, ) res = self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 400) @mock.patch('website.mails.send_mail') def test_valid_POST_calls_send_mail_with_username(self, mock_send): self.app.post_json( self.retraction_post_url, {'justification': ''}, auth=self.user.auth, ) assert_true(mock_send.called) args, kwargs = mock_send.call_args assert_true(self.user.username in args) def test_non_contributor_GET_approval_returns_HTTPError_UNAUTHORIZED(self): non_contributor = AuthUserFactory() self.registration.retract_registration(self.user) approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token'] approval_url = self.registration.web_url_for('view_project', token=approval_token) res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(res.status_code, http.UNAUTHORIZED) assert_true(self.registration.is_pending_retraction) assert_false(self.registration.is_retracted) def test_non_contributor_GET_disapproval_returns_HTTPError_UNAUTHORIZED(self): non_contributor = AuthUserFactory() self.registration.retract_registration(self.user) rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token'] disapproval_url = self.registration.web_url_for('view_project', token=rejection_token) res = self.app.get(disapproval_url, auth=non_contributor.auth, expect_errors=True) assert_equal(res.status_code, http.UNAUTHORIZED) assert_true(self.registration.is_pending_retraction) assert_false(self.registration.is_retracted)
class RegistrationRetractionApprovalDisapprovalViewsTestCase(OsfTestCase): def setUp(self): super(RegistrationRetractionApprovalDisapprovalViewsTestCase, self).setUp() self.user = AuthUserFactory() self.auth = self.user.auth self.registration = RegistrationFactory(is_public=True, creator=self.user) # node_registration_retraction_approve_tests def test_GET_approve_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_approve', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_GET_approve_registration_without_retraction_returns_HTTPBad_Request( self): assert_false(self.registration.pending_retraction) res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_approve', token=fake.sentence()), auth=self.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_approve', token=fake.sentence()), auth=self.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_approve_with_valid_token_returns_redirect(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) approval_token = self.registration.retraction.approval_state[ self.user._id]['approval_token'] res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_approve', token=approval_token), auth=self.auth) self.registration.retraction.reload() assert_true(self.registration.is_retracted) assert_false(self.registration.pending_retraction) assert_equal(res.status_code, 302) def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self): user2 = AuthUserFactory() self.registration.contributors.append(user2) self.registration.add_permission(user2, 'admin', save=True) self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) assert_equal(len(self.registration.retraction.approval_state), 2) wrong_approval_token = self.registration.retraction.approval_state[ user2._id]['approval_token'] res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_approve', token=wrong_approval_token), auth=self.auth, expect_errors=True) assert_true(self.registration.pending_retraction) assert_equal(res.status_code, 400) # node_registration_retraction_disapprove_tests def test_GET_disapprove_from_unauthorized_user_raises_HTTPForbidden(self): unauthorized_user = AuthUserFactory() res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_disapprove', token=fake.sentence()), auth=unauthorized_user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_GET_disapprove_registration_without_retraction_returns_HTTPBad_Request( self): assert_false(self.registration.pending_retraction) res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_disapprove', token=fake.sentence()), auth=self.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_disapprove', token=fake.sentence()), auth=self.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request( self): user2 = AuthUserFactory() self.registration.contributors.append(user2) self.registration.add_permission(user2, 'admin', save=True) self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) assert_equal(len(self.registration.retraction.approval_state), 2) wrong_disapproval_token = self.registration.retraction.approval_state[ user2._id]['disapproval_token'] res = self.app.get(self.registration.web_url_for( 'node_registration_retraction_disapprove', token=wrong_disapproval_token), auth=self.auth, expect_errors=True) assert_true(self.registration.pending_retraction) assert_equal(res.status_code, 400) def test_GET_disapprove_with_valid_token_returns_redirect(self): self.registration.retract_registration(self.user) self.registration.save() assert_true(self.registration.pending_retraction) disapproval_token = self.registration.retraction.approval_state[ self.user._id]['disapproval_token'] res = self.app.get( self.registration.web_url_for( 'node_registration_retraction_disapprove', token=disapproval_token), auth=self.auth, ) self.registration.retraction.reload() assert_false(self.registration.is_retracted) assert_false(self.registration.pending_retraction) assert_equal(self.registration.retraction.state, Retraction.CANCELLED) assert_equal(res.status_code, 302)